diff options
| author | Richard Levitte <levitte@openssl.org> | 2019-04-15 09:37:51 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2019-04-15 10:46:09 +0200 |
| commit | 0ad50b4dee36d4b576473ccbf744284d66fbffd6 (patch) | |
| tree | bd36098c772345c31c023eef2e7b8399b773cd84 /providers | |
| parent | Fix calling convention bug in ecp_nistz256_ord_sqr_mont (diff) | |
| download | openssl-0ad50b4dee36d4b576473ccbf744284d66fbffd6.tar.xz openssl-0ad50b4dee36d4b576473ccbf744284d66fbffd6.zip | |
Providers: for the digest_final operation, pass a output buffer size
This allows the provider digest_final operation to check that it
doesn't over-run the output buffer.
The EVP_DigestFinal_ex function doesn't take that same parameter, so
it will have to assume that the user provided a properly sized buffer,
but this leaves better room for future enhancements of the public API.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8747)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/common/digests/sha2.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/providers/common/digests/sha2.c b/providers/common/digests/sha2.c index 4332e9818e..fb2bd95f52 100644 --- a/providers/common/digests/sha2.c +++ b/providers/common/digests/sha2.c @@ -11,10 +11,12 @@ #include <openssl/crypto.h> #include <openssl/core_numbers.h> -static int sha256_final(void *ctx, unsigned char *md, size_t *size) +static int sha256_final(void *ctx, + unsigned char *md, size_t *mdl, size_t mdsz) { - if (SHA256_Final(md, ctx)) { - *size = SHA256_DIGEST_LENGTH; + if (mdsz >= SHA256_DIGEST_LENGTH + && SHA256_Final(md, ctx)) { + *mdl = SHA256_DIGEST_LENGTH; return 1; } |