From 76b2ae832679d25e6952934481ac38e0e76e2271 Mon Sep 17 00:00:00 2001 From: Pauli Date: Thu, 14 Sep 2017 10:05:22 +1000 Subject: [PATCH] Ensure that the requested memory size cannot exceed the limit imposed by a size_t variable. Reviewed-by: Rich Salz Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/4357) --- crypto/evp/pbe_scrypt.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c index f04f6cda0a..80a1acd2ce 100644 --- a/crypto/evp/pbe_scrypt.c +++ b/crypto/evp/pbe_scrypt.c @@ -207,6 +207,8 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, if (maxmem == 0) maxmem = SCRYPT_MAX_MEM; + if (maxmem > SIZE_MAX) + maxmem = SIZE_MAX; if (Blen + Vlen > maxmem) { EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED); -- 2.25.1
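
Review bot: The added clamp `if (maxmem > SIZE_MAX)` has no comment saying why the limit must fit in a size_t, and the check that follows it, `if (Blen + Vlen > maxmem)`, still relies on the sum `Blen + Vlen` not wrapping in its own type, which the clamp does not address. A short comment above the clamp, echoing the commit message's point that the requested memory size must be representable in a size_t variable, would make the intent clear. It is also worth confirming in the lines above this hunk (not visible here) that Blen and Vlen are each bounded before they are added. Where maxmem's type is no wider than size_t, the new comparison can never be true, and some compilers flag that as a tautological comparison, so a guard may be needed to keep those builds free of warnings.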