From: Pauli <pauli@openssl.org>
Date: Sun, 6 Jun 2021 23:20:16 +0000 (+1000)
Subject: bio: improve error checking fixing coverity 1485659 & 1485665
X-Git-Tag: openssl-3.0.0-beta1~150
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37bbe449294b63f87b03e792cae465b0b095299a;p=thirdparty%2Fopenssl.git

bio: improve error checking fixing coverity 1485659 & 1485665

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15635)
---

diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
index 97641d11d1d..97e67fcb681 100644
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -483,9 +483,11 @@ static int sig_in(BIO *b)
     void *md_data;
 
     ctx = BIO_get_data(b);
-    md = ctx->md;
+    if ((md = ctx->md) == NULL)
+        goto berr;
     digest = EVP_MD_CTX_get0_md(md);
-    md_size = EVP_MD_get_size(digest);
+    if ((md_size = EVP_MD_get_size(digest)) < 0)
+        goto berr;
     md_data = EVP_MD_CTX_get0_md_data(md);
 
     if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md_size)
@@ -562,6 +564,8 @@ static int block_in(BIO *b)
     ctx = BIO_get_data(b);
     md = ctx->md;
     md_size = EVP_MD_get_size(EVP_MD_CTX_get0_md(md));
+    if (md_size < 0)
+        goto berr;
 
     assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
     tl = ctx->buf[0];