From bf0d972ab4aa04918dc57ba277454ea65bbdee26 Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@google.com>
Date: Wed, 4 Nov 2015 14:51:39 -0800
Subject: [PATCH] system/vold: check return value of PKCS5_PBKDF2_HMAC_SHA1.

The function PKCS5_PBKDF2_HMAC_SHA1 can fail for a number of reasons and
thus its return value should be checked and handled.

Change-Id: I0f0d8f74b58940a34df16b88434a085760822075
---
 cryptfs.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/cryptfs.c b/cryptfs.c
index a905ff6..1d1a585 100644
--- a/cryptfs.c
+++ b/cryptfs.c
@@ -1253,11 +1253,9 @@ static int pbkdf2(const char *passwd, const unsigned char *salt,
     SLOGI("Using pbkdf2 for cryptfs KDF");
 
     /* Turn the password into a key and IV that can decrypt the master key */
-    PKCS5_PBKDF2_HMAC_SHA1(passwd, strlen(passwd),
-                           salt, SALT_LEN,
-                           HASH_COUNT, KEY_LEN_BYTES+IV_LEN_BYTES, ikey);
-
-    return 0;
+    return PKCS5_PBKDF2_HMAC_SHA1(passwd, strlen(passwd), salt, SALT_LEN,
+                                  HASH_COUNT, KEY_LEN_BYTES + IV_LEN_BYTES,
+                                  ikey) != 1;
 }
 
 static int scrypt(const char *passwd, const unsigned char *salt,