From 9f1b3050d9e31e9283d818f3640f3460ac8cfb5b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Storsj=C3=B6?= <martin@martin.st>
Date: Thu, 28 May 2015 10:08:27 +0300
Subject: [PATCH] rtmpdh: Check the output buffer size in the openssl version
 of dh_compute_key
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Martin Storsjö <martin@martin.st>
---
 libavformat/rtmpdh.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/libavformat/rtmpdh.c b/libavformat/rtmpdh.c
index bd9813d600..80cced9312 100644
--- a/libavformat/rtmpdh.c
+++ b/libavformat/rtmpdh.c
@@ -189,7 +189,14 @@ void ff_dh_free(FF_DH *dh)
 
 #define dh_new()                                DH_new()
 #define dh_generate_key(dh)                     DH_generate_key(dh)
-#define dh_compute_key(dh, pub, len, secret)    DH_compute_key(secret, pub, dh)
+
+static int dh_compute_key(FF_DH *dh, FFBigNum pub_key_bn,
+                          uint32_t secret_key_len, uint8_t *secret_key)
+{
+    if (secret_key_len < DH_size(dh))
+        return AVERROR(EINVAL);
+    return DH_compute_key(secret_key, pub_key_bn, dh);
+}
 
 void ff_dh_free(FF_DH *dh)
 {