diff options
author | Pauli <pauli@openssl.org> | 2021-08-17 13:17:17 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-08-18 16:14:42 +1000 |
commit | 9f81ef9c0b6f3f9b3a091c5c40af52fb3f8556e3 (patch) | |
tree | a719b8990c312d4e5913da9adc5d1decc6cc2723 /providers/implementations | |
parent | 46ac83eaf30efb676d12583080216f354951e0ae (diff) | |
download | openssl-new-9f81ef9c0b6f3f9b3a091c5c40af52fb3f8556e3.tar.gz |
pkcs12: check for zero length digest to avoid division by zero
Fixes #16331
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/16332)
Diffstat (limited to 'providers/implementations')
-rw-r--r-- | providers/implementations/kdfs/pkcs12kdf.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c index 0ca83dd243..2037b458c8 100644 --- a/providers/implementations/kdfs/pkcs12kdf.c +++ b/providers/implementations/kdfs/pkcs12kdf.c @@ -64,7 +64,7 @@ static int pkcs12kdf_derive(const unsigned char *pass, size_t passlen, } vi = EVP_MD_get_block_size(md_type); ui = EVP_MD_get_size(md_type); - if (ui < 0 || vi <= 0) { + if (ui <= 0 || vi <= 0) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_DIGEST_SIZE); goto end; } |