From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Sun, 31 Mar 2019 10:00:16 +0000 (+0200)
Subject: Fix the allocation size in EVP_OpenInit and PEM_SignFinal
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8cf85d489978c384a3f193fb7cb25469e0559f27;p=openssl

Fix the allocation size in EVP_OpenInit and PEM_SignFinal

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8620)
---

diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c
index c9cd9b16c8..a141eb4da5 100644
--- a/crypto/evp/p_open.c
+++ b/crypto/evp/p_open.c
@@ -40,7 +40,7 @@ int EVP_OpenInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
     }
 
     size = EVP_PKEY_size(priv);
-    key = OPENSSL_malloc(size + 2);
+    key = OPENSSL_malloc(size);
     if (key == NULL) {
         /* ERROR */
         EVPerr(EVP_F_EVP_OPENINIT, ERR_R_MALLOC_FAILURE);
diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c
index d8f6d07ae7..4be03a4794 100644
--- a/crypto/pem/pem_sign.c
+++ b/crypto/pem/pem_sign.c
@@ -31,7 +31,7 @@ int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
     int i, ret = 0;
     unsigned int m_len;
 
-    m = OPENSSL_malloc(EVP_PKEY_size(pkey) + 2);
+    m = OPENSSL_malloc(EVP_PKEY_size(pkey));
     if (m == NULL) {
         PEMerr(PEM_F_PEM_SIGNFINAL, ERR_R_MALLOC_FAILURE);
         goto err;