Found by Coverity
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8260)
int rv = 1;
EVP_KDF_CTX *kctx;
int rv = 1;
EVP_KDF_CTX *kctx;
+ if (r > UINT32_MAX || p > UINT32_MAX) {
+ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
+ return 0;
+ }
+
/* Maintain existing behaviour. */
if (pass == NULL) {
pass = empty;
/* Maintain existing behaviour. */
if (pass == NULL) {
pass = empty;
if (kctx == NULL)
return 0;
if (kctx == NULL)
return 0;
- if (r > UINT32_MAX || p > UINT32_MAX) {
- EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_PARAMETER_TOO_LARGE);
- return 0;
- }
if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1
|| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
salt, (size_t)saltlen) != 1
if (EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_PASS, pass, (size_t)passlen) != 1
|| EVP_KDF_ctrl(kctx, EVP_KDF_CTRL_SET_SALT,
salt, (size_t)saltlen) != 1