diff options
| author | Dr. Matthias St. Pierre <matthias.st.pierre@ncp-e.com> | 2020-07-04 12:29:14 +0200 |
|---|---|---|
| committer | Dr. Matthias St. Pierre <matthias.st.pierre@ncp-e.com> | 2020-07-23 01:12:48 +0200 |
| commit | 8e3e1dfeaaa4130e2bf1951d21a0615b7ce72c8f (patch) | |
| tree | d0574943dc92870e69829871d589b49da162fe1d | |
| parent | 9fb6692c1b129fa61277ae0482975a935274c6fd (diff) | |
| download | openssl-8e3e1dfeaaa4130e2bf1951d21a0615b7ce72c8f.tar.gz | |
test/drbgtest.c: Remove error check for large generate requests
The behaviour of RAND_DRBG_generate() has changed. Previously, it
would fail for requests larger than max_request, now it automatically
splits large input into chunks (which was previously done only
by RAND_DRBG_bytes() before calling RAND_DRBG_generate()).
So this test has not only become obsolete, the fact that it succeeded
unexpectedly also caused a buffer overflow that terminated the test.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11195)
| -rw-r--r-- | test/drbgtest.c | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/test/drbgtest.c b/test/drbgtest.c index 118677c2ed..058b0a4050 100644 --- a/test/drbgtest.c +++ b/test/drbgtest.c @@ -176,7 +176,6 @@ DRBG_SIZE_T(min_noncelen) DRBG_SIZE_T(max_noncelen) DRBG_SIZE_T(max_perslen) DRBG_SIZE_T(max_adinlen) -DRBG_SIZE_T(max_request) #define DRBG_UINT(name) \ static unsigned int name(RAND_DRBG *drbg) \ @@ -491,11 +490,6 @@ static int error_check(DRBG_SELFTEST_DATA *td) td->adin, td->adinlen))) goto err; - /* Request too much data for one request */ - if (!TEST_false(RAND_DRBG_generate(drbg, buff, max_request(drbg) + 1, 0, - td->adin, td->adinlen))) - goto err; - /* Try too large additional input */ if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 0, td->adin, max_adinlen(drbg) + 1))) |