From 8e3e1dfeaaa4130e2bf1951d21a0615b7ce72c8f Mon Sep 17 00:00:00 2001
From: "Dr. Matthias St. Pierre" <matthias.st.pierre@ncp-e.com>
Date: Sat, 4 Jul 2020 12:29:14 +0200
Subject: test/drbgtest.c: Remove error check for large generate requests

The behaviour of RAND_DRBG_generate() has changed. Previously, it
would fail for requests larger than max_request, now it automatically
splits large input into chunks (which was previously done only
by RAND_DRBG_bytes() before calling RAND_DRBG_generate()).

So this test has not only become obsolete, the fact that it succeeded
unexpectedly also caused a buffer overflow that terminated the test.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11195)
---
 test/drbgtest.c | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/test/drbgtest.c b/test/drbgtest.c
index 118677c2ed..058b0a4050 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -176,7 +176,6 @@ DRBG_SIZE_T(min_noncelen)
 DRBG_SIZE_T(max_noncelen)
 DRBG_SIZE_T(max_perslen)
 DRBG_SIZE_T(max_adinlen)
-DRBG_SIZE_T(max_request)
 
 #define DRBG_UINT(name)                                 \
     static unsigned int name(RAND_DRBG *drbg)           \
@@ -491,11 +490,6 @@ static int error_check(DRBG_SELFTEST_DATA *td)
                                              td->adin, td->adinlen)))
         goto err;
 
-    /* Request too much data for one request */
-    if (!TEST_false(RAND_DRBG_generate(drbg, buff, max_request(drbg) + 1, 0,
-                                       td->adin, td->adinlen)))
-        goto err;
-
     /* Try too large additional input */
     if (!TEST_false(RAND_DRBG_generate(drbg, buff, td->exlen, 0,
                                        td->adin, max_adinlen(drbg) + 1)))
-- 
cgit v1.2.3