authorHugo Landau <hlandau@openssl.org>2023-07-27 16:05:18 +0100
committerHugo Landau <hlandau@openssl.org>2023-08-10 18:19:50 +0100
commitb538ae4fbf1d9c800d2ed1cc6c317b36572ec7bb (patch)
tree7d37af4c99450bc48a6da33e3009eddcfd215e65 /ssl/quic/quic_record_rx.c
parent3887546dcf98f1369d5a03eae9772a7deb0c9b89 (diff)
QUIC QRX: Handle negative IV length values correctly (coverity)
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21565)
Diffstat (limited to 'ssl/quic/quic_record_rx.c')
-rw-r--r--ssl/quic/quic_record_rx.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/ssl/quic/quic_record_rx.c b/ssl/quic/quic_record_rx.c
index feb32d9272..4f4a1b84a9 100644
--- a/ssl/quic/quic_record_rx.c
+++ b/ssl/quic/quic_record_rx.c
@@ -685,9 +685,9 @@ static int qrx_decrypt_pkt_body(OSSL_QRX *qrx, unsigned char *dst,
unsigned char key_phase_bit,
uint64_t *rx_key_epoch)
{
- int l = 0, l2 = 0, is_old_key;
+ int l = 0, l2 = 0, is_old_key, nonce_len;
unsigned char nonce[EVP_MAX_IV_LENGTH];
- size_t nonce_len, i, cctx_idx;
+ size_t i, cctx_idx;
OSSL_QRL_ENC_LEVEL *el = ossl_qrl_enc_level_set_get(&qrx->el_set,
enc_level, 1);
EVP_CIPHER_CTX *cctx;
@@ -731,7 +731,7 @@ static int qrx_decrypt_pkt_body(OSSL_QRX *qrx, unsigned char *dst,
/* Construct nonce (nonce=IV ^ PN). */
nonce_len = EVP_CIPHER_CTX_get_iv_length(cctx);
- if (!ossl_assert(nonce_len >= sizeof(QUIC_PN)))
+ if (!ossl_assert(nonce_len >= (int)sizeof(QUIC_PN)))
return 0;
memcpy(nonce, el->iv[cctx_idx], nonce_len);
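Review bot: The assertion in the second hunk now rejects a negative or too-short result from `EVP_CIPHER_CTX_get_iv_length()`, but nothing in the visible lines bounds `nonce_len` from above before `memcpy(nonce, el->iv[cctx_idx], nonce_len)` writes into the `EVP_MAX_IV_LENGTH`-byte stack buffer. The AEADs QUIC selects presumably keep the IV well inside that limit, so this is defence in depth rather than a demonstrated overflow, and the size of `el->iv[]` is not visible here. Adding the upper bound to the same check would make the copy self-evidently safe: `if (!ossl_assert(nonce_len >= (int)sizeof(QUIC_PN) && (size_t)nonce_len <= sizeof(nonce)))`. A short comment such as `/* get_iv_length() may return a negative value on error, hence int */` next to the declaration in the first hunk would also stop a later cleanup from turning `nonce_len` back into `size_t`. The body of `qrx_decrypt_pkt_body` continues outside both hunks.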