diff options
author | ndossche <niels.dossche@ugent.be> | 2023-01-31 16:30:26 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-02-08 16:57:58 +0100 |
commit | ba061818e9d76f332e8914dfe9168577b2378dde (patch) | |
tree | 9aa815cfac60ad2afdb967d456e0321b44e06c80 /crypto/cms | |
parent | 650f0474282330e3eb2a3df0eff5864bbdcf5845 (diff) |
Fix incomplete check on CMS_SharedInfo_encode
CMS_SharedInfo_encode() can also return a negative error value, but this
is not checked in the current check, only the zero error return value is
covered. A previous PR [1] fixed the other caller's check of
CMS_SharedInfo_encode in this file, but it seems like this place was
missed. Fix it by changing the check to <= 0.
[1] https://github.com/openssl/openssl/pull/12628/commits/a752fc4da5e1dfd5b3a730d95272c2e2b0c48f1a
CLA: trivial
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20181)
Diffstat (limited to 'crypto/cms')
-rw-r--r-- | crypto/cms/cms_ec.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c index 808b3bf1ae..896eda61da 100644 --- a/crypto/cms/cms_ec.c +++ b/crypto/cms/cms_ec.c @@ -346,7 +346,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen); - if (penclen == 0) + if (penclen <= 0) goto err; if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, penc, penclen) <= 0) |