]> git.ipfire.org Git - thirdparty/openssl.git/commit
Fix coverity-1604666
authorNeil Horman <nhorman@openssl.org>
Mon, 15 Jul 2024 18:30:16 +0000 (14:30 -0400)
committerTomas Mraz <tomas@openssl.org>
Wed, 17 Jul 2024 14:31:26 +0000 (16:31 +0200)
commit1d37b00b28962095fba1baa1590d05539dcdc6db
tree5a75e88e21fd8544db04d3526bea5ba522af4af0
parent842959a0af1e661ee86e6e8327bab24143fa5f78
Fix coverity-1604666

Coverity recently flaged an error in which the return value for
EVP_MD_get_size wasn't checked for negative values prior to use, which
can cause underflow later in the function.

Just add the check and error out if get_size returns an error.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24896)

(cherry picked from commit 22e08c7cdc596d4f16749811d1022fb8b07a8e41)
crypto/rsa/rsa_oaep.c