From: Tomas Mraz <tomas@openssl.org>
Date: Tue, 29 Oct 2024 09:03:53 +0000 (+0100)
Subject: speed.c: Check for 0 block size
X-Git-Tag: openssl-3.5.0-alpha1~953
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=59f5f6c73cd2e1e2bd8ef405fdb6fadf0711f639;p=thirdparty%2Fopenssl.git

speed.c: Check for 0 block size

Although this cannot really happen check for 0 block size
to avoid division by 0.

Fixes Coverity 1633936

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25822)
---

diff --git a/apps/speed.c b/apps/speed.c
index a6da71fe6d6..c3bc223a9d7 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1448,8 +1448,13 @@ static int SIG_verify_loop(void *args)
 static int check_block_size(EVP_CIPHER_CTX *ctx, int length)
 {
     const EVP_CIPHER *ciph = EVP_CIPHER_CTX_get0_cipher(ctx);
+    int blocksize = EVP_CIPHER_CTX_get_block_size(ctx);
 
-    if (length % EVP_CIPHER_get_block_size(ciph) != 0) {
+    if (ciph == NULL || blocksize <= 0) {
+        BIO_printf(bio_err, "\nInvalid cipher!\n");
+        return 0;
+    }
+    if (length % blocksize != 0) {
         BIO_printf(bio_err,
                    "\nRequested encryption length not a multiple of block size for %s!\n",
                    EVP_CIPHER_get0_name(ciph));