add sanity size check to iv fill in case block size is bad

This commit is contained in:
toddouska 2014-12-01 14:23:10 -08:00
parent 4954043def
commit 295e65ca02

View File

@ -7166,6 +7166,9 @@ static int BuildMessage(CYASSL* ssl, byte* output, int outSz,
ivSz = blockSz; ivSz = blockSz;
sz += ivSz; sz += ivSz;
if (ivSz > (word32)sizeof(iv))
return BUFFER_E;
ret = RNG_GenerateBlock(ssl->rng, iv, ivSz); ret = RNG_GenerateBlock(ssl->rng, iv, ivSz);
if (ret != 0) if (ret != 0)
return ret; return ret;