diff options
| author | David Benjamin <davidben@chromium.org> | 2015-12-25 09:02:37 +0300 |
|---|---|---|
| committer | Adam Langley <alangley@gmail.com> | 2016-01-28 03:34:38 +0300 |
| commit | 719594e512841ef70ea128e3a08235cab7cef03d (patch) | |
| tree | c9b7ef25f993e1fba9dc9b309eb16bfa1348da11 /crypto/evp | |
| parent | b6155e60f3eab82ce35c27de90b642f59d26598b (diff) | |
Un-const EVP_PKEY_CTX_set0_rsa_oaep_label and fix overflow check.
It takes ownership of the buffer, so it's not actually const. The
const-ness gets dropped once it transits through EVP_PKEY_CTX_ctrl.
Also compare against INT_MAX explicitly for the overflow check. I'm not sure
whether the casting version is undefined, but comparing against INT_MAX matches
the rest of the codebase when transiting in and out of signed ints.
Change-Id: I131165a4b5f0ebe02c6db3e7e3e0d1af5b771710
Reviewed-on: https://boringssl-review.googlesource.com/6850
Reviewed-by: Adam Langley <alangley@gmail.com>
Diffstat (limited to 'crypto/evp')
| -rw-r--r-- | crypto/evp/p_rsa.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c index edc61b1f..629c33a6 100644 --- a/crypto/evp/p_rsa.c +++ b/crypto/evp/p_rsa.c @@ -646,15 +646,14 @@ int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **out_md) { EVP_PKEY_CTRL_GET_RSA_MGF1_MD, 0, (void*) out_md); } -int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, const uint8_t *label, +int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, uint8_t *label, size_t label_len) { - int label_len_int = label_len; - if (((size_t) label_len_int) != label_len) { + if (label_len > INT_MAX) { return 0; } return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_RSA, EVP_PKEY_OP_TYPE_CRYPT, - EVP_PKEY_CTRL_RSA_OAEP_LABEL, label_len, + EVP_PKEY_CTRL_RSA_OAEP_LABEL, (int)label_len, (void *)label); } |