diff options
author | Pauli <pauli@openssl.org> | 2021-05-17 09:45:33 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-05-18 13:24:41 +1000 |
commit | 678d0dba6cdcae7dd742d4d0d65da101e9ada1d2 (patch) | |
tree | c51f4de7a8c4a8b84ecb577164a05b3e24ee023a /crypto/hmac | |
parent | 84c5ad23e13a95d962fe52a5aeb23c0c525f0166 (diff) |
hmac: fix coverity 1484888 negative integer to size_t conversion
More theoretical than real but easy and cheap to check for.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15300)
Diffstat (limited to 'crypto/hmac')
-rw-r--r-- | crypto/hmac/hmac.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/crypto/hmac/hmac.c b/crypto/hmac/hmac.c index 6d142f2cbb..f800cb8f89 100644 --- a/crypto/hmac/hmac.c +++ b/crypto/hmac/hmac.c @@ -221,10 +221,13 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, unsigned char *md, unsigned int *md_len) { static unsigned char static_md[EVP_MAX_MD_SIZE]; + int size = EVP_MD_size(evp_md); + if (size < 0) + return NULL; return EVP_Q_mac(NULL, "HMAC", NULL, EVP_MD_name(evp_md), NULL, key, key_len, data, data_len, - md == NULL ? static_md : md, EVP_MD_size(evp_md), md_len); + md == NULL ? static_md : md, size, md_len); } void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags) |