From e084364e9e41cbc1933a5c0646ce6ad42f4ff8d1 Mon Sep 17 00:00:00 2001
From: Doug Hogan <hogand@users.noreply.github.com>
Date: Thu, 3 Jan 2019 19:27:59 -0800
Subject: Revamp rand_seed_nif()

* Bounds check before casting.
---
 lib/crypto/c_src/rand.c | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'lib/crypto/c_src/rand.c')

diff --git a/lib/crypto/c_src/rand.c b/lib/crypto/c_src/rand.c
index 4f3c8dd500..dd1a7a1600 100644
--- a/lib/crypto/c_src/rand.c
+++ b/lib/crypto/c_src/rand.c
@@ -130,12 +130,19 @@ ERL_NIF_TERM rand_uniform_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[
 }
 
 ERL_NIF_TERM rand_seed_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{
+{/* (Seed) */
     ErlNifBinary seed_bin;
 
+    if (argc != 1)
+        goto bad_arg;
     if (!enif_inspect_binary(env, argv[0], &seed_bin))
-        return enif_make_badarg(env);
-    RAND_seed(seed_bin.data,seed_bin.size);
+        goto bad_arg;
+    if (seed_bin.size > INT_MAX)
+        goto bad_arg;
+
+    RAND_seed(seed_bin.data, (int)seed_bin.size);
     return atom_ok;
-}
 
+ bad_arg:
+    return enif_make_badarg(env);
+}
-- 
cgit v1.2.3