From: Shane Lontis <shane.lontis@oracle.com>
Date: Thu, 10 Sep 2020 08:19:13 +0000 (+1000)
Subject: Fix coverity issue: CID 1466483 - Improper use of Negative value in dh_ctrl.c
X-Git-Tag: openssl-3.0.0-alpha7~294
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9951eaf467f8cc43ffad69222b42340c3b24cd52;p=thirdparty%2Fopenssl.git

Fix coverity issue: CID 1466483 - Improper use of Negative value in dh_ctrl.c

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12847)
---

diff --git a/crypto/dh/dh_ctrl.c b/crypto/dh/dh_ctrl.c
index 6fddd271a88..0db5eba5052 100644
--- a/crypto/dh/dh_ctrl.c
+++ b/crypto/dh/dh_ctrl.c
@@ -500,6 +500,9 @@ int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len)
     int ret;
     OSSL_PARAM params[2], *p = params;
 
+    if (len <= 0)
+        return -1;
+
     ret = dh_param_derive_check(ctx);
     if (ret != 1)
         return ret;