From: Tomas Mraz <tomas@openssl.org>
Date: Wed, 22 Jan 2025 15:55:35 +0000 (+0100)
Subject: template_kem.c: Check outlen before dereferencing it
X-Git-Tag: openssl-3.5.0-alpha1~689
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2581ff619bbba7232ca5f6db200bab42ef72c33f;p=thirdparty%2Fopenssl.git

template_kem.c: Check outlen before dereferencing it

Fixes Coverity 1633353, 1633356, 1633357

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/26522)
---

diff --git a/providers/implementations/kem/template_kem.c b/providers/implementations/kem/template_kem.c
index 6100db35363..e504d8709f6 100644
--- a/providers/implementations/kem/template_kem.c
+++ b/providers/implementations/kem/template_kem.c
@@ -143,7 +143,8 @@ static int template_encapsulate(void *vctx, unsigned char *out, size_t *outlen,
         *secretlen = 0; /* replace with real shared secret length */
 
     if (out == NULL) {
-        debug_print("encaps outlens set to %d and %d\n", *outlen, *secretlen);
+        if (outlen != NULL && secretlen != NULL)
+            debug_print("encaps outlens set to %d and %d\n", *outlen, *secretlen);
         return 1;
     }
 
@@ -164,7 +165,8 @@ static int template_decapsulate(void *vctx, unsigned char *out, size_t *outlen,
         *outlen = 0; /* replace with shared secret length */
 
     if (out == NULL) {
-        debug_print("decaps outlen set to %d \n", *outlen);
+        if (outlen != NULL)
+            debug_print("decaps outlen set to %d \n", *outlen);
         return 1;
     }