Coverity 1508532: out of bounds access
authorPauli <pauli@openssl.org>
Mon, 22 Aug 2022 01:06:57 +0000 (11:06 +1000)
committerPauli <pauli@openssl.org>
Tue, 23 Aug 2022 08:03:45 +0000 (18:03 +1000)
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19033)

(cherry picked from commit eb7a5cc3454174094c0c09f1d00aec464ce0f786)

crypto/dh/dh_pmeth.c

index 1ad50b850d6e02667a9f5231ea7043ee35862e6f..bd7902c43381d0e67008f7077520f546021bae25 100644 (file)
@@ -432,7 +432,8 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
     else if (dctx->kdf_type == EVP_PKEY_DH_KDF_X9_42) {
 
         unsigned char *Z = NULL;
-        size_t Zlen = 0;
+        int Zlen = 0;
+
         if (!dctx->kdf_outlen || !dctx->kdf_oid)
             return 0;
         if (key == NULL) {
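Review bot: Changing `Zlen` from `size_t` to `int` at the declaration only addresses the out-of-bounds report if the value is checked for being positive before it is used as a buffer length, and no such check is visible in this hunk. The assignment to `Zlen` and the allocation that consumes it sit further down in `pkey_dh_derive`, outside the lines shown. If the length comes from a call that returns `int` (presumably `DH_size()`), a zero or negative result should be rejected right after the assignment with `if (Zlen <= 0) return 0;`, since a negative `int` passed to a `size_t` parameter converts to a very large length. A short comment on the declaration, such as `/* int, not size_t: a non-positive size must be detectable before use as a length */`, would stop the type being changed back to `size_t` in a later cleanup.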