evp: fix coverity 1485666 argument cannot be negative

author Pauli <pauli@openssl.org>

Sun, 6 Jun 2021 23:36:04 +0000 (09:36 +1000)

committer Pauli <pauli@openssl.org>

Tue, 8 Jun 2021 09:32:17 +0000 (19:32 +1000)
author Pauli <pauli@openssl.org>
Sun, 6 Jun 2021 23:36:04 +0000 (09:36 +1000)
committer Pauli <pauli@openssl.org>
Tue, 8 Jun 2021 09:32:17 +0000 (19:32 +1000)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c

index e43076752f3a5dbbf2d468fe4e022def5dd3cbdf..6d5506056e14d2204387e01f8429f1c22e66b753 100644 (file)
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -3555,21 +3555,25 @@ typedef struct {
  static int aes_wrap_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                               const unsigned char *iv, int enc)
  {
+    int len;
      EVP_AES_WRAP_CTX *wctx = EVP_C_DATA(EVP_AES_WRAP_CTX,ctx);
-    if (!iv && !key)
+
+    if (iv == NULL && key == NULL)
          return 1;
-    if (key) {
+    if (key != NULL) {
          if (EVP_CIPHER_CTX_is_encrypting(ctx))
              AES_set_encrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
                                  &wctx->ks.ks);
          else
              AES_set_decrypt_key(key, EVP_CIPHER_CTX_get_key_length(ctx) * 8,
                                  &wctx->ks.ks);
-        if (!iv)
+        if (iv == NULL)
              wctx->iv = NULL;
      }
-    if (iv) {
-        memcpy(ctx->iv, iv, EVP_CIPHER_CTX_get_iv_length(ctx));
+    if (iv != NULL) {
+        if ((len = EVP_CIPHER_CTX_get_iv_length(ctx)) < 0)
+            return 0;
+        memcpy(ctx->iv, iv, len);
          wctx->iv = ctx->iv;
      }
      return 1;
author	Pauli <pauli@openssl.org>
	Sun, 6 Jun 2021 23:36:04 +0000 (09:36 +1000)
committer	Pauli <pauli@openssl.org>
	Tue, 8 Jun 2021 09:32:17 +0000 (19:32 +1000)