11 lines
400 B
Diff
11 lines
400 B
Diff
--- crypto/openssl/crypto/evp/e_rc4_hmac_md5.c.orig
|
|
+++ crypto/openssl/crypto/evp/e_rc4_hmac_md5.c
|
|
@@ -267,6 +267,8 @@
|
|
len = p[arg - 2] << 8 | p[arg - 1];
|
|
|
|
if (!ctx->encrypt) {
|
|
+ if (len < MD5_DIGEST_LENGTH)
|
|
+ return -1;
|
|
len -= MD5_DIGEST_LENGTH;
|
|
p[arg - 2] = len >> 8;
|
|
p[arg - 1] = len;
|