From 5e569f0a2e11a59cab7b6f525865232e7770e2f0 Mon Sep 17 00:00:00 2001
From: Todd Short <tshort@akamai.com>
Date: Wed, 19 Oct 2022 10:12:57 -0400
Subject: [PATCH] Fix coverity 1516093 tainted scalar

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19440)
---
 ssl/t1_trce.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 1a032b3137e..4725185e79d 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -1334,7 +1334,10 @@ static int ssl_print_compressed_certificates(BIO *bio, const SSL_CONNECTION *sc,
     BIO_indent(bio, indent, 80);
     BIO_printf(bio, "Uncompressed length=%d\n", (int)uclen);
     BIO_indent(bio, indent, 80);
-    BIO_printf(bio, "Compressed length=%d, Ratio=%f:1\n", (int)clen, (float)uclen / (float)clen);
+    if (clen > 0)
+        BIO_printf(bio, "Compressed length=%d, Ratio=%f:1\n", (int)clen, (float)uclen / (float)clen);
+    else
+        BIO_printf(bio, "Compressed length=%d, Ratio=unknown\n", (int)clen);
 
     BIO_dump_indent(bio, (const char *)msg, clen, indent);
 
@@ -1342,7 +1345,7 @@ static int ssl_print_compressed_certificates(BIO *bio, const SSL_CONNECTION *sc,
     if (!ossl_comp_has_alg(alg))
         return 0;
 
-    if ((ucdata = OPENSSL_malloc(uclen)) == NULL)
+    if (uclen == 0 || (ucdata = OPENSSL_malloc(uclen)) == NULL)
         return 0;
 
     switch (alg) {
-- 
2.47.3