From 295e65ca02e7cdf2d809b36a84b264c7935bfdfc Mon Sep 17 00:00:00 2001
From: toddouska <todd@wolfssl.com>
Date: Mon, 1 Dec 2014 14:23:10 -0800
Subject: [PATCH] add sanity size check to iv fill in case block size is bad

---
 src/internal.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index 700ddfa65..d395b977f 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -7166,6 +7166,9 @@ static int BuildMessage(CYASSL* ssl, byte* output, int outSz,
             ivSz = blockSz;
             sz  += ivSz;
 
+            if (ivSz > (word32)sizeof(iv))
+                return BUFFER_E;
+
             ret = RNG_GenerateBlock(ssl->rng, iv, ivSz);
             if (ret != 0)
                 return ret;