diff options
author | Todd Short <tshort@akamai.com> | 2022-10-27 10:27:29 -0400 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-11-02 11:35:52 +0100 |
commit | 00e38edcfb95b556a59de96e0c18343828929c8f (patch) | |
tree | 8b76491bc35d29d7e457aaf1337d413568920c62 /ssl | |
parent | 943051d0f9ce8dcb38707774a5757a5dc436704f (diff) |
Fix coverity 1516093 tainted scalar
|uclen| is created from three byte values, so this seems a bit
redundant, but if it makes coverity happy
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19519)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_trce.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index 4725185e79..6d314c5331 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -1345,7 +1345,8 @@ static int ssl_print_compressed_certificates(BIO *bio, const SSL_CONNECTION *sc, if (!ossl_comp_has_alg(alg)) return 0; - if (uclen == 0 || (ucdata = OPENSSL_malloc(uclen)) == NULL) + /* Check against certificate maximum size (coverity) */ + if (uclen == 0 || uclen > 0xFFFFFF || (ucdata = OPENSSL_malloc(uclen)) == NULL) return 0; switch (alg) { |