From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 4 May 2016 12:13:24 +0000 (+0100)
Subject: reject zero block length in PKCS12 keygen
X-Git-Tag: OpenSSL_1_1_0-pre6~933
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d5975c8d5a171551dd42ffa18ca12e84f29ad106;p=openssl

reject zero block length in PKCS12 keygen

Reviewed-by: Richard Levitte <levitte@openssl.org>
---

diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index 1a1ea7059c..764f91bab9 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -128,7 +128,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 #endif
     v = EVP_MD_block_size(md_type);
     u = EVP_MD_size(md_type);
-    if (u < 0)
+    if (u < 0 || v <= 0)
         goto err;
     D = OPENSSL_malloc(v);
     Ai = OPENSSL_malloc(u);