diff --git a/lib/openssl/oct.c b/lib/openssl/oct.c index df4f090..ef76b4e 100644 --- a/lib/openssl/oct.c +++ b/lib/openssl/oct.c @@ -45,7 +45,7 @@ jwk_make_execute(jose_cfg_t *cfg, json_t *jwk) if (json_unpack(jwk, "{s:I}", "bytes", &len) < 0) return false; - if (len > KEYMAX) + if (len <= 0 || len > KEYMAX) return false; if (RAND_bytes(key, len) <= 0)