From: Tomas Mraz <tomas@openssl.org>
Date: Mon, 19 Apr 2021 13:34:59 +0000 (+0200)
Subject: Removed dead code in linebuffer_ctrl()
X-Git-Tag: openssl-3.0.0-alpha16~162
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=59088414bc3b863a3dc287de76c53464bd7ff6fa;p=thirdparty%2Fopenssl.git

Removed dead code in linebuffer_ctrl()

Fixes Coverity CID 1476284

Also add possible number truncation check.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14928)
---

diff --git a/crypto/bio/bf_lbuf.c b/crypto/bio/bf_lbuf.c
index e9b946fe872..946ff0d23b2 100644
--- a/crypto/bio/bf_lbuf.c
+++ b/crypto/bio/bf_lbuf.c
@@ -232,12 +232,12 @@ static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr)
         }
         break;
     case BIO_C_SET_BUFF_SIZE:
+        if (num > INT_MAX)
+            return 0;
         obs = (int)num;
         p = ctx->obuf;
         if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) {
-            if (num <= 0)
-                return 0;
-            p = OPENSSL_malloc((size_t)num);
+            p = OPENSSL_malloc((size_t)obs);
             if (p == NULL)
                 goto malloc_error;
         }