OpenSSL: Make fips186_2_prf() easier for static analyzers

Explicitly validate seed_len to skip memset call with zero length of
copied data at the end of the buffer. This is not really needed, but it
makes the code a bit easier for static analyzers. This is identical to
the commit a9ea17491a2c9e95bf9ac98fd36e56fde3faf188 but for the OpenSSL
version of the function.

Signed-hostap: Jouni Malinen <j@w1.fi>

diff --git a/src/crypto/fips_prf_openssl.c b/src/crypto/fips_prf_openssl.c
index 92f0b57..d69ecea 100644 (file)
--- a/src/crypto/fips_prf_openssl.c
+++ b/src/crypto/fips_prf_openssl.c
@@ -31,13 +31,14 @@ int fips186_2_prf(const u8 *seed, size_t seed_len, u8 *x, size_t xlen)
        u8 *xpos = x;
        u32 carry;
 
-       if (seed_len > sizeof(xkey))
+       if (seed_len < sizeof(xkey))
+               os_memset(xkey + seed_len, 0, sizeof(xkey) - seed_len);
+       else
                seed_len = sizeof(xkey);
 
        /* FIPS 186-2 + change notice 1 */
 
        os_memcpy(xkey, seed, seed_len);
-       os_memset(xkey + seed_len, 0, 64 - seed_len);
        t[0] = 0x67452301;
        t[1] = 0xEFCDAB89;
        t[2] = 0x98BADCFE;