From: Pauli <paul.dale@oracle.com>
Date: Thu, 14 Sep 2017 00:05:22 +0000 (+1000)
Subject: Ensure that the requested memory size cannot exceed the limit imposed by a
X-Git-Tag: OpenSSL_1_1_1-pre1~660
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=76b2ae832679d25e6952934481ac38e0e76e2271;p=oweals%2Fopenssl.git

Ensure that the requested memory size cannot exceed the limit imposed by a
size_t variable.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4357)
---

diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c
index f04f6cda0a..80a1acd2ce 100644
--- a/crypto/evp/pbe_scrypt.c
+++ b/crypto/evp/pbe_scrypt.c
@@ -207,6 +207,8 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
 
     if (maxmem == 0)
         maxmem = SCRYPT_MAX_MEM;
+    if (maxmem > SIZE_MAX)
+        maxmem = SIZE_MAX;
 
     if (Blen + Vlen > maxmem) {
         EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);