diff options
author | Pauli <ppzgs1@gmail.com> | 2021-03-19 14:54:40 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-04-08 08:49:27 +1000 |
commit | fd0a9ff7ef0db7441baf8626f53e37a10d22449d (patch) | |
tree | f2f58cc357c0df3ae021beb2c07979ab96075c5f | |
parent | c12bf35026af94a73402eaf13f2428a9af30f1c0 (diff) | |
download | openssl-new-fd0a9ff7ef0db7441baf8626f53e37a10d22449d.tar.gz |
dh: fix coverity 1473238: argument cannot be negative
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14620)
-rw-r--r-- | crypto/dh/dh_pmeth.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 584a174ae2..affe40a53c 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -463,10 +463,11 @@ static int pkey_dh_derive(EVP_PKEY_CTX *ctx, unsigned char *key, if (*keylen != dctx->kdf_outlen) return 0; ret = 0; - Zlen = DH_size(dh); - Z = OPENSSL_malloc(Zlen); - if (Z == NULL) { - goto err; + if ((Zlen = DH_size(dh)) <= 0) + return 0; + if ((Z = OPENSSL_malloc(Zlen)) == NULL) { + ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); + return 0; } if (DH_compute_key_padded(Z, dhpubbn, dh) <= 0) goto err; |