From 3bbc7b562abf4ca3221d8762fe3f749024936281 Mon Sep 17 00:00:00 2001
From: Pauli <ppzgs1@gmail.com>
Date: Fri, 19 Mar 2021 14:50:28 +1000
Subject: [PATCH] evp: fix coverity 1451509: argument cannot be negative

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14620)
---
 crypto/evp/e_rc4_hmac_md5.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
index 098aa3ee1ba..8bc1da63238 100644
--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
@@ -46,8 +46,12 @@ static int rc4_hmac_md5_init_key(EVP_CIPHER_CTX *ctx,
                                  const unsigned char *iv, int enc)
 {
     EVP_RC4_HMAC_MD5 *key = data(ctx);
+    const int keylen = EVP_CIPHER_CTX_key_length(ctx);
 
-    RC4_set_key(&key->ks, EVP_CIPHER_CTX_key_length(ctx), inkey);
+    if (keylen <= 0)
+        return 0;
+
+    RC4_set_key(&key->ks, keylen, inkey);
 
     MD5_Init(&key->head);       /* handy when benchmarking */
     key->tail = key->head;
-- 
2.47.2