fix Coverity 1604662
authorNeil Horman <nhorman@openssl.org>
Thu, 25 Jul 2024 16:24:04 +0000 (12:24 -0400)
committerNeil Horman <nhorman@openssl.org>
Sat, 27 Jul 2024 14:07:35 +0000 (10:07 -0400)
Coverity flagged an issue in our bio_enc tests in which we failed to
check the return code of BIO_read for an error condition which can lead
to our length computation going backwards.

Just check the error code before adding it to length

Fixes openssl/project#779

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25006)

test/bio_enc_test.c

index 724de207ac94d326d11569eb144277eae37cdb00..fffb8da3a434bc1fae23dbbea789ca57321f73dc 100644 (file)
@@ -41,7 +41,7 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
     BIO *b, *mem;
     static unsigned char inp[BUF_SIZE] = { 0 };
     unsigned char out[BUF_SIZE], ref[BUF_SIZE];
-    int i, lref, len;
+    int i, lref, len, tmplen;
 
     /* Fill buffer with non-zero data so that over steps can be detected */
     if (!TEST_int_gt(RAND_bytes(inp, DATA_SIZE), 0))
@@ -77,13 +77,20 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
         BIO_push(b, mem);
         memset(out, 0, sizeof(out));
         out[i] = ~ref[i];
-        len = BIO_read(b, out, i);
+        tmplen = BIO_read(b, out, i);
+        if (tmplen < 0)
+            goto err;
+        len = tmplen;
         /* check for overstep */
         if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
             TEST_info("Encrypt overstep check failed @ operation %d", i);
             goto err;
         }
-        len += BIO_read(b, out + len, sizeof(out) - len);
+        tmplen = BIO_read(b, out + len, sizeof(out) - len);
+        if (tmplen < 0)
+            goto err;
+        len += tmplen;
+
         BIO_free_all(b);
 
         if (!TEST_mem_eq(out, len, ref, lref)) {
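Review bot: Both new `if (tmplen < 0) goto err;` checks fail the test without any diagnostic, whereas the overstep check between them reports the operation index through `TEST_info`. Writing each as `if (!TEST_int_ge(tmplen, 0)) goto err;` would put the returned value in the test log, so a failing BIO_read can be told apart from an overstep or compare failure. The guard itself matters because a negative `len` would otherwise reach `out + len` and `sizeof(out) - len`, placing the second read's destination before the start of `out` with an enlarged size. do_bio_cipher starts and ends outside the hunk, so it is worth confirming that the `err` label releases `b` and that any other BIO_read results in the function (for example a matching decrypt loop, if there is one) are checked the same way.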