From: Pauli <pauli@openssl.org>
Date: Tue, 17 Aug 2021 03:19:32 +0000 (+1000)
Subject: pkcs12: check for zero length digest to avoid division by zero
X-Git-Tag: OpenSSL_1_1_1l~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9d868840b821fddf895e3bf6b589ecf6be7b1b13;p=thirdparty%2Fopenssl.git

pkcs12: check for zero length digest to avoid division by zero

Fixes #16331

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/16333)
---

diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c
index ab31a612950..b814f79216b 100644
--- a/crypto/pkcs12/p12_key.c
+++ b/crypto/pkcs12/p12_key.c
@@ -101,7 +101,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt,
 #endif
     v = EVP_MD_block_size(md_type);
     u = EVP_MD_size(md_type);
-    if (u < 0 || v <= 0)
+    if (u <= 0 || v <= 0)
         goto err;
     D = OPENSSL_malloc(v);
     Ai = OPENSSL_malloc(u);