add sanity size check to iv fill in case block size is bad
This commit is contained in:
parent
4954043def
commit
295e65ca02
@ -7166,6 +7166,9 @@ static int BuildMessage(CYASSL* ssl, byte* output, int outSz,
|
|||||||
ivSz = blockSz;
|
ivSz = blockSz;
|
||||||
sz += ivSz;
|
sz += ivSz;
|
||||||
|
|
||||||
|
if (ivSz > (word32)sizeof(iv))
|
||||||
|
return BUFFER_E;
|
||||||
|
|
||||||
ret = RNG_GenerateBlock(ssl->rng, iv, ivSz);
|
ret = RNG_GenerateBlock(ssl->rng, iv, ivSz);
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
return ret;
|
return ret;
|
||||||
|
Loading…
Reference in New Issue
Block a user