chore: limit number of random bytes generated (#773)

* chore: limit number of random bytes generated

Author: ajewellamz

include/aws/cryptosdk/private/cipher.h

@@ -147,6 +147,10 @@ int aws_cryptosdk_encrypt_body(
     uint8_t *tag, /* out */
     int body_frame_type);
 
+// Even though `len` is of type `size_t`, this function is limited
+// by the underlying OpenSSL function, which takes an `int`
+// and so aws_cryptosdk_genrandom will return an error if asked for
+// more than INT_MAX (2 billion) bytes of randomness.
 int aws_cryptosdk_genrandom(uint8_t *buf, size_t len);
 
 // TODO: Footer

source/cipher.c

@@ -805,12 +805,19 @@ int aws_cryptosdk_decrypt_body(
     }
 }
 
+// Even though `len` is of type `size_t`, this function is limited
+// by the underlying OpenSSL function, which takes an `int`
+// and so aws_cryptosdk_genrandom will return an error if asked for
+// more than INT_MAX (2 billion) bytes of randomness.
 int aws_cryptosdk_genrandom(uint8_t *buf, size_t len) {
     AWS_FATAL_PRECONDITION(AWS_MEM_IS_WRITABLE(buf, len));
 
     if (len == 0) {
         return 0;
     }
+    if (len > INT_MAX) {
+        return aws_raise_error(AWS_CRYPTOSDK_ERR_LIMIT_EXCEEDED);
+    }
     int rc = RAND_bytes(buf, len);
 
     if (rc != 1) {