CMS and PKCS7: fix handlling of EVP_PKEY_get_size() failure

Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22459)
author: Dr. David von Oheimb <dev@ddvo.net> 2023-10-20 21:00:10 +0200
committer: Hugo Landau <hlandau@openssl.org> 2023-10-26 16:03:48 +0100
commit: d7ad09da778bcc0090a7cdfd87edb56eea22382b (patch)
tree: 8f1a0bafa5a0ba49c1dbcf84e1dc8214dbaf1f12 /crypto/cms
parent: f03ce9e0194ab1b5422bc582eb81b8babaef49c5 (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c
index 43a404da14..b41e3571b2 100644
--- a/crypto/cms/cms_sd.c
+++ b/crypto/cms/cms_sd.c
@@ -764,8 +764,7 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
             md = computed_md;
         }
         siglen = EVP_PKEY_get_size(si->pkey);
-        sig = OPENSSL_malloc(siglen);
-        if (sig == NULL)
+        if (siglen == 0 || (sig = OPENSSL_malloc(siglen)) == NULL)
             goto err;
         if (EVP_PKEY_sign(pctx, sig, &siglen, md, mdlen) <= 0) {
             OPENSSL_free(sig);
@@ -780,8 +779,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
             ERR_raise(ERR_LIB_CMS, CMS_R_OPERATION_UNSUPPORTED);
             goto err;
         }
-        sig = OPENSSL_malloc(EVP_PKEY_get_size(si->pkey));
-        if (sig == NULL)
+        siglen = EVP_PKEY_get_size(si->pkey);
+        if (siglen == 0 || (sig = OPENSSL_malloc(siglen)) == NULL)
             goto err;
         if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey,
                               ossl_cms_ctx_get0_libctx(ctx),
author	Dr. David von Oheimb <dev@ddvo.net>	2023-10-20 21:00:10 +0200
committer	Hugo Landau <hlandau@openssl.org>	2023-10-26 16:03:48 +0100
commit	d7ad09da778bcc0090a7cdfd87edb56eea22382b (patch)
tree	8f1a0bafa5a0ba49c1dbcf84e1dc8214dbaf1f12 /crypto/cms
parent	f03ce9e0194ab1b5422bc582eb81b8babaef49c5 (diff)