From 37bbe449294b63f87b03e792cae465b0b095299a Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Mon, 7 Jun 2021 09:20:16 +1000
Subject: [PATCH] bio: improve error checking fixing coverity 1485659 & 1485665

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15635)
---
 crypto/evp/bio_ok.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/crypto/evp/bio_ok.c b/crypto/evp/bio_ok.c
index 97641d11d1d..97e67fcb681 100644
--- a/crypto/evp/bio_ok.c
+++ b/crypto/evp/bio_ok.c
@@ -483,9 +483,11 @@ static int sig_in(BIO *b)
     void *md_data;
 
     ctx = BIO_get_data(b);
-    md = ctx->md;
+    if ((md = ctx->md) == NULL)
+        goto berr;
     digest = EVP_MD_CTX_get0_md(md);
-    md_size = EVP_MD_get_size(digest);
+    if ((md_size = EVP_MD_get_size(digest)) < 0)
+        goto berr;
     md_data = EVP_MD_CTX_get0_md_data(md);
 
     if ((int)(ctx->buf_len - ctx->buf_off) < 2 * md_size)
@@ -562,6 +564,8 @@ static int block_in(BIO *b)
     ctx = BIO_get_data(b);
     md = ctx->md;
     md_size = EVP_MD_get_size(EVP_MD_CTX_get0_md(md));
+    if (md_size < 0)
+        goto berr;
 
     assert(sizeof(tl) >= OK_BLOCK_BLOCK); /* always true */
     tl = ctx->buf[0];
-- 
2.47.2