From 2581ff619bbba7232ca5f6db200bab42ef72c33f Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Wed, 22 Jan 2025 16:55:35 +0100 Subject: [PATCH] template_kem.c: Check outlen before dereferencing it Fixes Coverity 1633353, 1633356, 1633357 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Neil Horman Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/26522) --- providers/implementations/kem/template_kem.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/providers/implementations/kem/template_kem.c b/providers/implementations/kem/template_kem.c index 6100db35363..e504d8709f6 100644 --- a/providers/implementations/kem/template_kem.c +++ b/providers/implementations/kem/template_kem.c @@ -143,7 +143,8 @@ static int template_encapsulate(void *vctx, unsigned char *out, size_t *outlen, *secretlen = 0; /* replace with real shared secret length */ if (out == NULL) { - debug_print("encaps outlens set to %d and %d\n", *outlen, *secretlen); + if (outlen != NULL && secretlen != NULL) + debug_print("encaps outlens set to %d and %d\n", *outlen, *secretlen); return 1; } @@ -164,7 +165,8 @@ static int template_decapsulate(void *vctx, unsigned char *out, size_t *outlen, *outlen = 0; /* replace with shared secret length */ if (out == NULL) { - debug_print("decaps outlen set to %d \n", *outlen); + if (outlen != NULL) + debug_print("decaps outlen set to %d \n", *outlen); return 1; } -- 2.47.2