X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=CryptoPkg%2FLibrary%2FBaseCryptLib%2FRand%2FCryptRand.c;h=4a056e89d81baa5d10e69b1af9fa9192d0432725;hb=dda39f3a5850458391aaab330971d46bc9c2b690;hp=3ead6d1906fa0142c6865ac7e56122da604e541f;hpb=a8c4464502aabcbda7032daddc772a1bc7386bdf;p=mirror_edk2.git

diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c
index 3ead6d1906..4a056e89d8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c
+++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c
@@ -1,7 +1,7 @@
 /** @file
   Pseudorandom Number Generator Wrapper Implementation over OpenSSL.
 
-Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -43,6 +43,10 @@ RandomSeed (
   IN  UINTN         SeedSize
   )
 {
+  if (SeedSize > INT_MAX) {
+    return FALSE;
+  }
+
   //
   // Seed the pseudorandom number generator with user-supplied value.
   // NOTE: A cryptographic PRNG must be seeded with unpredictable data.
@@ -59,7 +63,7 @@ RandomSeed (
 /**
   Generates a pseudorandom byte stream of the specified size.
 
-  If Output is NULL, then ASSERT().
+  If Output is NULL, then return FALSE.
 
   @param[out]  Output  Pointer to buffer to receive random value.
   @param[in]   Size    Size of randome bytes to generate.
@@ -75,7 +79,12 @@ RandomBytes (
   IN   UINTN  Size
   )
 {
-  ASSERT (Output != NULL);
+  //
+  // Check input parameters.
+  //
+  if (Output == NULL || Size > INT_MAX) {
+    return FALSE;
+  }
 
   //
   // Generate random data.