From: Pauli <paul.dale@oracle.com>
Date: Tue, 7 May 2019 00:45:57 +0000 (+1000)
Subject: Coverity CID 1444959: Integer handling issues
X-Git-Tag: openssl-3.0.0-alpha1~2091
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=0484af225d96f449e21f5ad65cfa332e0091260b;p=oweals%2Fopenssl.git

Coverity CID 1444959: Integer handling issues

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
---

diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c
index 0382a5fcdc..d6f38e8579 100644
--- a/crypto/asn1/p5_scrypt.c
+++ b/crypto/asn1/p5_scrypt.c
@@ -217,7 +217,7 @@ int PKCS5_v2_scrypt_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
     uint64_t p, r, N;
     size_t saltlen;
     size_t keylen = 0;
-    int rv = 0;
+    int t, rv = 0;
     SCRYPT_PARAMS *sparam = NULL;
 
     if (EVP_CIPHER_CTX_cipher(ctx) == NULL) {
@@ -234,7 +234,12 @@ int PKCS5_v2_scrypt_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass,
         goto err;
     }
 
-    keylen = EVP_CIPHER_CTX_key_length(ctx);
+    t = EVP_CIPHER_CTX_key_length(ctx);
+    if (t < 0) {
+        EVPerr(EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN, EVP_R_INVALID_KEY_LENGTH);
+        goto err;
+    }
+    keylen = t;
 
     /* Now check the parameters of sparam */