cyassl: Check for invalid length parameter in Curl_cyassl_random

curl · Mar 25, 2015 · d29f8b4 · d29f8b4
1 parent ec31962
commit d29f8b4
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
@@ -640,7 +640,9 @@ int Curl_cyassl_random(struct SessionHandle *data,
   (void)data;
   if(InitRng(&rng))
     return 1;
-  if(RNG_GenerateBlock(&rng, entropy, length))
+  if(length > UINT_MAX)
+    return 1;
+  if(RNG_GenerateBlock(&rng, entropy, (unsigned)length))
     return 1;
   return 0;
 }