Fix CID 1454806: NEGATIVE_RETURNS (cms_enc.c)
authorShane Lontis <shane.lontis@oracle.com>
Mon, 6 Jul 2020 23:46:37 +0000 (09:46 +1000)
committerDmitry Belyavskiy <beldmit@gmail.com>
Wed, 8 Jul 2020 08:19:08 +0000 (11:19 +0300)
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12379)

crypto/cms/cms_enc.c

index 3a17a2798b989f19bec38327d10347787e581402..5f9e2b3a52b03cf938d13fbf68f0531cdc84f263 100644 (file)
@@ -28,6 +28,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
     X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
     unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
     unsigned char *tkey = NULL;
+    int len;
     size_t tkeylen = 0;
 
     int ok = 0;
@@ -81,7 +82,11 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
                CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR);
         goto err;
     }
-    tkeylen = EVP_CIPHER_CTX_key_length(ctx);
+    len = EVP_CIPHER_CTX_key_length(ctx);
+    if (len <= 0)
+        goto err;
+    tkeylen = (size_t)len;
+
     /* Generate random session key */
     if (!enc || !ec->key) {
         tkey = OPENSSL_malloc(tkeylen);
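Review bot: The new `if (len <= 0) goto err;` path leaves the function without recording anything on the error queue, whereas the branch just above it reports `CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR` before its `goto err`. A caller that gets NULL from this path has nothing to inspect, so I would raise an error here with the same reporting call that branch uses (its opening line is outside the hunk), using that reason code or a more specific one. A short comment would also record why the check exists, e.g. `/* key length is returned as int and may be <= 0 on failure; check before widening to size_t for OPENSSL_malloc() */`. The rest of cms_EncryptedContent_init_bio, including the err label, is outside the hunk, so I am assuming err only performs cleanup and does not itself report an error.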