From: Todd Short <tshort@akamai.com>
Date: Wed, 19 Oct 2022 14:12:57 +0000 (-0400)
Subject: Fix coverity 1516093 tainted scalar
X-Git-Tag: openssl-3.2.0-alpha1~1867
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5e569f0a2e11a59cab7b6f525865232e7770e2f0;p=thirdparty%2Fopenssl.git

Fix coverity 1516093 tainted scalar

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19440)
---

diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 1a032b3137e..4725185e79d 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -1334,7 +1334,10 @@ static int ssl_print_compressed_certificates(BIO *bio, const SSL_CONNECTION *sc,
     BIO_indent(bio, indent, 80);
     BIO_printf(bio, "Uncompressed length=%d\n", (int)uclen);
     BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "Compressed length=%d, Ratio=%f:1\n", (int)clen, (float)uclen / (float)clen);
+    if (clen > 0)
+        BIO_printf(bio, "Compressed length=%d, Ratio=%f:1\n", (int)clen, (float)uclen / (float)clen);
+    else
+        BIO_printf(bio, "Compressed length=%d, Ratio=unknown\n", (int)clen);
 
     BIO_dump_indent(bio, (const char *)msg, clen, indent);
 
@@ -1342,7 +1345,7 @@ static int ssl_print_compressed_certificates(BIO *bio, const SSL_CONNECTION *sc,
     if (!ossl_comp_has_alg(alg))
         return 0;
 
-    if ((ucdata = OPENSSL_malloc(uclen)) == NULL)
+    if (uclen == 0 || (ucdata = OPENSSL_malloc(uclen)) == NULL)
         return 0;
 
     switch (alg) {