Check ECDH output buffer length and avoid truncation. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2015-09-13 11:49:44 +0000
committer	jsing <>	2015-09-13 11:49:44 +0000
commit	aa9790509fcdc9b7899a04af0eddf1b611899d0f (patch)
tree	26ad5794d56d0f5b57b98ae4229d0178ef464bb9 /src/lib/libc
parent	955ad6f28695c5e5f8ae286a391cfd51835eaa2c (diff)
download	openbsd-aa9790509fcdc9b7899a04af0eddf1b611899d0f.tar.gz openbsd-aa9790509fcdc9b7899a04af0eddf1b611899d0f.tar.bz2 openbsd-aa9790509fcdc9b7899a04af0eddf1b611899d0f.zip

Check ECDH output buffer length and avoid truncation.

Currently, if you call ECDH_compute_key() it will silently truncate the resulting key if the output buffer is less than the key size. Instead, detect this condition and return an error. If the buffer provided is larger than the key length, zero the remainder. ok beck@ miod@ "+ shivers"

Diffstat (limited to 'src/lib/libc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: