cyassl: Check for invalid length parameter in Curl_cyassl_random

author: Jay Satiro <raysatiro@yahoo.com> 2015-03-25 02:37:20 -0400
committer: Daniel Stenberg <daniel@haxx.se> 2015-03-25 08:08:12 +0100
commit: d29f8b460c9d4b5609c2330d97ecf9ffec210453 (patch)
tree: 7b90ff0685eaf0fff57d446643ffb5451484b101
parent: ec319626405db23d87c2b3281463d8d641dc16e8 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index 090270a08..72e1792df 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -640,7 +640,9 @@ int Curl_cyassl_random(struct SessionHandle *data,
   (void)data;
   if(InitRng(&rng))
     return 1;
-  if(RNG_GenerateBlock(&rng, entropy, length))
+  if(length > UINT_MAX)
+    return 1;
+  if(RNG_GenerateBlock(&rng, entropy, (unsigned)length))
     return 1;
   return 0;
 }
author	Jay Satiro <raysatiro@yahoo.com>	2015-03-25 02:37:20 -0400
committer	Daniel Stenberg <daniel@haxx.se>	2015-03-25 08:08:12 +0100
commit	d29f8b460c9d4b5609c2330d97ecf9ffec210453 (patch)
tree	7b90ff0685eaf0fff57d446643ffb5451484b101
parent	ec319626405db23d87c2b3281463d8d641dc16e8 (diff)