Coverity CID 1444961: Integer handling issues

author Pauli <paul.dale@oracle.com>

Tue, 7 May 2019 00:26:32 +0000 (10:26 +1000)

committer Pauli <paul.dale@oracle.com>

Tue, 7 May 2019 23:52:58 +0000 (09:52 +1000)
author Pauli <paul.dale@oracle.com>
Tue, 7 May 2019 00:26:32 +0000 (10:26 +1000)
committer Pauli <paul.dale@oracle.com>
Tue, 7 May 2019 23:52:58 +0000 (09:52 +1000)
diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c

index ac5b974e5457cf09bcd7e8e13af32a7a8dbe381d..c231a32c0505ae689837542e54aa2a3ff1e5db4e 100644 (file)
--- a/crypto/evp/p5_crpt2.c
+++ b/crypto/evp/p5_crpt2.c
@@ -134,7 +134,7 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
                               const EVP_CIPHER *c, const EVP_MD *md, int en_de)
  {
      unsigned char *salt, key[EVP_MAX_KEY_LENGTH];
-    int saltlen, iter;
+    int saltlen, iter, t;
      int rv = 0;
      unsigned int keylen = 0;
      int prf_nid, hmac_md_nid;
@@ -157,7 +157,12 @@ int PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
          goto err;
      }
  
-    keylen = EVP_CIPHER_CTX_key_length(ctx);
+    t = EVP_CIPHER_CTX_key_length(ctx);
+    if (t < 0) {
+        EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH);
+        goto err;
+    }
+    keylen = t;
  
      /* Now check the parameters of the kdf */
author	Pauli <paul.dale@oracle.com>
	Tue, 7 May 2019 00:26:32 +0000 (10:26 +1000)
committer	Pauli <paul.dale@oracle.com>
	Tue, 7 May 2019 23:52:58 +0000 (09:52 +1000)