[openssl] master update
Matt Caswell
matt at openssl.org
Mon Feb 18 09:48:58 UTC 2019
The branch master has been updated
via 4c3941c2eb22c44398bccb50dbd019530bb01c7d (commit)
from 3037d0aadf7c0230021aa73e1f3db0d9f25008a9 (commit)
- Log -----------------------------------------------------------------
commit 4c3941c2eb22c44398bccb50dbd019530bb01c7d
Author: Matt Caswell <matt at openssl.org>
Date: Sun Feb 17 16:13:08 2019 +0000
Don't leak EVP_KDF_CTX on error
Found by Coverity
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8260)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/pbe_scrypt.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c
index f8ea1fa..7224025 100644
--- a/crypto/evp/pbe_scrypt.c
+++ b/crypto/evp/pbe_scrypt.c
@@ -41,6 +41,11 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
int rv = 1;
EVP_KDF_CTX *kctx;
+ if (r > UINT32_MAX || p > UINT32_MAX) {
+ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
+ return 0;
+ }
+
/* Maintain existing behaviour. */
if (pass == NULL) {
pass = empty;
@@ -53,10 +58,6 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
if (kctx == NULL)
return 0;
- if (r > UINT32_MAX || p > UINT32_MAX) {
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
- return 0;
- }
if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1
|| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
salt, (size_t)saltlen) != 1
More information about the openssl-commits
mailing list