]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1f9ad4f)
Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex()
authorShane Lontis <shane.lontis@oracle.com>
Tue, 11 Aug 2020 07:31:11 +0000 (17:31 +1000)
committerShane Lontis <shane.lontis@oracle.com>
Mon, 24 Aug 2020 01:19:28 +0000 (11:19 +1000)
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12628)

crypto/evp/digest.c patch | blob | blame | history

diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index f5ec573828aba95a537a96ce05e1d38b453d8639..f9ba59ca6352b7f356aae3aa390734667354c9d8 100644 (file)
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -367,11 +367,18 @@ int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
 /* The caller can assume that this removes any secret data from the context */
 int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
 {
-    int ret;
+    int ret, sz;
     size_t size = 0;
-    size_t mdsize = EVP_MD_size(ctx->digest);
+    size_t mdsize = 0;
 
-    if (ctx->digest == NULL || ctx->digest->prov == NULL)
+    if (ctx->digest == NULL)
+        return 0;
+
+    sz = EVP_MD_size(ctx->digest);
+    if (sz < 0)
+        return 0;
+    mdsize = sz;
+    if (ctx->digest->prov == NULL)
         goto legacy;
 
     if (ctx->digest->dfinal == NULL) {
Mirror of https://github.com/openssl/openssl.git