Resize a local buffer to accomodate the size requirements of AES.

author Richard Levitte <levitte@openssl.org>

Sun, 8 Apr 2001 05:41:42 +0000 (05:41 +0000)

committer Richard Levitte <levitte@openssl.org>

Sun, 8 Apr 2001 05:41:42 +0000 (05:41 +0000)
author Richard Levitte <levitte@openssl.org>
Sun, 8 Apr 2001 05:41:42 +0000 (05:41 +0000)
committer Richard Levitte <levitte@openssl.org>
Sun, 8 Apr 2001 05:41:42 +0000 (05:41 +0000)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c

index 9e442a1f1bf2c95d29f9764efa082f881ebdd7d3..2112602dc867fb275f7dbc23e950f85e2a76caf0 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -57,6 +57,7 @@
   */
  
  #include <stdio.h>
+#include <assert.h>
  #include <openssl/md5.h>
  #include <openssl/sha.h>
  #include <openssl/evp.h>
@@ -85,7 +86,7 @@ static void ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
         {
         MD5_CTX m5;
         SHA_CTX s1;
-       unsigned char buf[8],smd[SHA_DIGEST_LENGTH];
+       unsigned char buf[16],smd[SHA_DIGEST_LENGTH];
         unsigned char c='A';
         int i,j,k;
  
@@ -96,6 +97,9 @@ static void ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
         for (i=0; i<num; i+=MD5_DIGEST_LENGTH)
                 {
                 k++;
+               /* If this assert is triggered, it means buf needs to be
+                  resized.  This should never be triggered in a release. */
+               assert(k <= sizeof(buf));
                 for (j=0; j<k; j++)
                         buf[j]=c;
                 c++;
author	Richard Levitte <levitte@openssl.org>
	Sun, 8 Apr 2001 05:41:42 +0000 (05:41 +0000)
committer	Richard Levitte <levitte@openssl.org>
	Sun, 8 Apr 2001 05:41:42 +0000 (05:41 +0000)