From 8af5dfb254ada55571bd7d6246af6ba008e8472c Mon Sep 17 00:00:00 2001
From: Jiasheng Jiang <jiashengjiangcool@outlook.com>
Date: Fri, 30 Aug 2024 19:36:51 +0000
Subject: [PATCH] Add error return value information for EVP_MD_get_size()

Add error return value information for EVP_MD_get_size() and
EVP_MD_CTX_get_size() to better guide their usages and avoid
the integer overflow, such as
4a50882 ("ssl_cipher_get_overhead(): Replace size_t with int and add the checks")
and ef9ac2f ("test/bad_dtls_test.c: Add checks for the EVP_MD_CTX_get_size()").

Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25282)

(cherry picked from commit 09ae1c9f5acdaaf2fe893d513b1e98dbff489c50)
---
 doc/man3/EVP_DigestInit.pod | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod
index ed327480a1c..49625c31348 100644
--- a/doc/man3/EVP_DigestInit.pod
+++ b/doc/man3/EVP_DigestInit.pod
@@ -386,9 +386,9 @@ B<EVP_MD>.
 
 =item EVP_MD_get_size()
 
-Return the size of the message digest when passed an B<EVP_MD> or an
-B<EVP_MD_CTX> structure, i.e. the size of the hash.
-For an XOF this returns 0.
+Return the size of the message digest when passed an B<EVP_MD>, i.e. the size of
+the hash. A negative value or 0 can occur for invalid size.
+For an XOF with no default size this returns 0.
 
 =item EVP_MD_CTX_get_size_ex(), EVP_MD_CTX_get_size()
 
-- 
2.47.2