From 95d9a625dbc88bd8b8192d34371e4cdd373238d8 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Wed, 7 May 2014 00:27:18 -0700
Subject: [PATCH] pwhash_scrypt(): do not allow outlen to be > SIZE_MAX

---
 .../scryptxsalsa208sha256/pwhash_scryptxsalsa208sha256.c      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/libsodium/crypto_pwhash/scryptxsalsa208sha256/pwhash_scryptxsalsa208sha256.c b/src/libsodium/crypto_pwhash/scryptxsalsa208sha256/pwhash_scryptxsalsa208sha256.c
index 3165ba2f..1b254657 100644
--- a/src/libsodium/crypto_pwhash/scryptxsalsa208sha256/pwhash_scryptxsalsa208sha256.c
+++ b/src/libsodium/crypto_pwhash/scryptxsalsa208sha256/pwhash_scryptxsalsa208sha256.c
@@ -61,7 +61,7 @@ crypto_pwhash_scryptxsalsa208sha256(unsigned char * const out,
     uint32_t p;
     uint32_t r;
 
-    if (passwdlen > SIZE_MAX) {
+    if (passwdlen > SIZE_MAX || outlen > SIZE_MAX) {
         errno = EFBIG;
         return -1;
     }
@@ -73,5 +73,5 @@ crypto_pwhash_scryptxsalsa208sha256(unsigned char * const out,
                                 (const uint8_t *) salt,
                                 crypto_pwhash_scryptxsalsa208sha256_SALTBYTES,
                                 (uint64_t) (1) << N_log2, r, p,
-                                out, outlen);
+                                out, (size_t) outlen);
 }