Revamp rc4_set_key()

* Bounds check key.size before casting.

1 files changed, 17 insertions, 5 deletions

diff --git a/lib/crypto/c_src/rc4.c b/lib/crypto/c_src/rc4.c
index 483c87b04b..d5b32d88bd 100644
--- a/lib/crypto/c_src/rc4.c
+++ b/lib/crypto/c_src/rc4.c
@@ -25,15 +25,27 @@ ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 #ifndef OPENSSL_NO_RC4
     ErlNifBinary key;
     ERL_NIF_TERM ret;
+    RC4_KEY *rc4_key;
 
     CHECK_NO_FIPS_MODE();
 
-    if (!enif_inspect_iolist_as_binary(env,argv[0], &key)) {
-	return enif_make_badarg(env);
-    }
-    RC4_set_key((RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &ret),
-		key.size, key.data);
+    if (argc != 1)
+        goto bad_arg;
+    if (!enif_inspect_iolist_as_binary(env, argv[0], &key))
+        goto bad_arg;
+    if (key.size > INT_MAX)
+        goto bad_arg;
+
+    if ((rc4_key = (RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &ret)) == NULL)
+        goto err;
+
+    RC4_set_key(rc4_key, (int)key.size, key.data);
     return ret;
+
+ bad_arg:
+ err:
+    return enif_make_badarg(env);
+
 #else
     return enif_raise_exception(env, atom_notsup);
 #endif