diff options
author | Pauli <ppzgs1@gmail.com> | 2021-03-19 14:50:43 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-04-08 08:49:27 +1000 |
commit | c12bf35026af94a73402eaf13f2428a9af30f1c0 (patch) | |
tree | 3f0c216e0edc86619e0be03b331dcb752fd7a9a6 /crypto | |
parent | 3bbc7b562abf4ca3221d8762fe3f749024936281 (diff) | |
download | openssl-c12bf35026af94a73402eaf13f2428a9af30f1c0.tar.gz |
evp: fix coverity 1473631: argument cannot be negative
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14620)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/evp/evp_enc.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 64759311c0..2e4a3227a1 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -78,6 +78,7 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, const unsigned char *iv, int enc, const OSSL_PARAM params[]) { + int n; #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE) ENGINE *tmpimpl = NULL; #endif @@ -336,9 +337,9 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx, /* fall-through */ case EVP_CIPH_CBC_MODE: - - OPENSSL_assert(EVP_CIPHER_CTX_iv_length(ctx) <= - (int)sizeof(ctx->iv)); + n = EVP_CIPHER_CTX_iv_length(ctx); + if (!ossl_assert(n >= 0 && n <= (int)sizeof(ctx->iv))) + return 0; if (iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); |