From: Pauli <pauli@openssl.org>
Date: Thu, 4 Nov 2021 02:52:00 +0000 (+1000)
Subject: Address coverity 1493382 argument cannot be negative
X-Git-Tag: openssl-3.2.0-alpha1~3383
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fe4125382301201e42a3251544cda429bba0c9d7;p=thirdparty%2Fopenssl.git

Address coverity 1493382 argument cannot be negative

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16962)
---

diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
index 3fb372360d4..3496a701931 100644
--- a/crypto/evp/e_rc5.c
+++ b/crypto/evp/e_rc5.c
@@ -72,12 +72,13 @@ static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc)
 {
-    if (EVP_CIPHER_CTX_get_key_length(ctx) > 255) {
+    const int key_len = EVP_CIPHER_CTX_get_key_length(ctx);
+
+    if (key_len > 255 || key_len < 0) {
         ERR_raise(ERR_LIB_EVP, EVP_R_BAD_KEY_LENGTH);
         return 0;
     }
-    return RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_get_key_length(ctx),
-                          key, data(ctx)->rounds);
+    return RC5_32_set_key(&data(ctx)->ks, key_len, key, data(ctx)->rounds);
 }
 
 #endif