From d7c8f142ea5953bf260b70a58739c1c9b0f038eb Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Tue, 20 Dec 2016 12:56:14 +0100
Subject: M_check_autoarg: sanity check the key

For now, checking that the size is non-zero will suffice.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2120)
---
 crypto/evp/pmeth_fn.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'crypto/evp/pmeth_fn.c')

diff --git a/crypto/evp/pmeth_fn.c b/crypto/evp/pmeth_fn.c
index 8ff50da33a..e9b20a6088 100644
--- a/crypto/evp/pmeth_fn.c
+++ b/crypto/evp/pmeth_fn.c
@@ -18,7 +18,12 @@
         if (ctx->pmeth->flags & EVP_PKEY_FLAG_AUTOARGLEN) \
                 { \
                 size_t pksize = (size_t)EVP_PKEY_size(ctx->pkey); \
-                if (!arg) \
+                if (pksize == 0) \
+                        { \
+                        EVPerr(err, EVP_R_INVALID_KEY); /*ckerr_ignore*/\
+                        return 0; \
+                        } \
+                else if (!arg)                 \
                         { \
                         *arglen = pksize; \
                         return 1; \
-- 
cgit v1.2.3