[openssl-commits] [openssl] master update

Wed May 4 12:37:29 UTC 2016

The branch master has been updated
       via  d5975c8d5a171551dd42ffa18ca12e84f29ad106 (commit)
       via  6dccec2b5990cd282725393c21b5524f4f774615 (commit)
      from  b1b3e14fbeb373a288ba20402600e071e6f402f8 (commit)


- Log -----------------------------------------------------------------
commit d5975c8d5a171551dd42ffa18ca12e84f29ad106
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Wed May 4 13:13:24 2016 +0100

    reject zero block length in PKCS12 keygen
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

commit 6dccec2b5990cd282725393c21b5524f4f774615
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Wed May 4 13:11:30 2016 +0100

    Fix Blake block length
    
    PR#4514
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/blake2/m_blake2b.c | 2 +-
 crypto/blake2/m_blake2s.c | 2 +-
 crypto/pkcs12/p12_key.c   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/blake2/m_blake2b.c b/crypto/blake2/m_blake2b.c
index 2135c7a..f613bff 100644
--- a/crypto/blake2/m_blake2b.c
+++ b/crypto/blake2/m_blake2b.c
@@ -49,7 +49,7 @@ static const EVP_MD blake2b_md = {
     final,
     NULL,
     NULL,
-    0,
+    BLAKE2B_BLOCKBYTES,
     sizeof(EVP_MD *) + sizeof(BLAKE2B_CTX),
 };
 
diff --git a/crypto/blake2/m_blake2s.c b/crypto/blake2/m_blake2s.c
index e699184..3fbb232 100644
--- a/crypto/blake2/m_blake2s.c
+++ b/crypto/blake2/m_blake2s.c
@@ -49,7 +49,7 @@ static const EVP_MD blake2s_md = {
     final,
     NULL,
     NULL,
-    0,
+    BLAKE2S_BLOCKBYTES,
     sizeof(EVP_MD *) + sizeof(BLAKE2S_CTX),
 };
 
diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 1a1ea70..764f91b 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -128,7 +128,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 #endif
     v = EVP_MD_block_size(md_type);
     u = EVP_MD_size(md_type);
-    if (u < 0)
+    if (u < 0 || v <= 0)
         goto err;
     D = OPENSSL_malloc(v);
     Ai = OPENSSL_malloc(u);
