diff options
author | Pauli <paul.dale@oracle.com> | 2019-05-07 10:26:32 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2019-05-08 09:52:58 +1000 |
commit | ea053ec99e985a3d76762bc54ccce23e12d08999 (patch) | |
tree | 20e1733587336dc0c1044ba1decbf9bea51109ae /crypto/evp/p5_crpt2.c | |
parent | 4894dcad6282985a96f5b3b560019c21c2bb3a6b (diff) |
Coverity CID 1444961: Integer handling issues
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
Diffstat (limited to 'crypto/evp/p5_crpt2.c')
-rw-r--r-- | crypto/evp/p5_crpt2.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index ac5b974e54..c231a32c05 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -134,7 +134,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, const EVP_CIPHER *c, const EVP_MD *md, int en_de) { unsigned char *salt, key[EVP_MAX_KEY_LENGTH]; - int saltlen, iter; + int saltlen, iter, t; int rv = 0; unsigned int keylen = 0; int prf_nid, hmac_md_nid; @@ -157,7 +157,12 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, goto err; } - keylen = EVP_CIPHER_CTX_key_length(ctx); + t = EVP_CIPHER_CTX_key_length(ctx); + if (t < 0) { + EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH); + goto err; + } + keylen = t; /* Now check the parameters of the kdf */ |