From: Pauli <pauli@openssl.org>
Date: Sun, 6 Jun 2021 23:45:40 +0000 (+1000)
Subject: evp: fix Coverity 1485669 improper use of negative value
X-Git-Tag: openssl-3.0.0-beta1~143
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3f617061eceb2f33fb40682cc7b14cc4f9a2143f;p=thirdparty%2Fopenssl.git

evp: fix Coverity 1485669 improper use of negative value

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15635)
---

diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
index e289c7df7b2..6998dcc6fc1 100644
--- a/crypto/evp/ctrl_params_translate.c
+++ b/crypto/evp/ctrl_params_translate.c
@@ -1704,6 +1704,10 @@ static int get_ec_decoded_from_explicit_params(enum state state,
 #ifndef OPENSSL_NO_EC
     case EVP_PKEY_EC:
         val = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
+        if (val < 0) {
+            ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_KEY);
+            return 0;
+        }
         break;
 #endif
     default: