From: Pauli <paul.dale@oracle.com>
Date: Tue, 7 May 2019 00:55:39 +0000 (+1000)
Subject: Coverity CID 1444956: Integer handling issues
X-Git-Tag: openssl-3.0.0-alpha1~2088
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=6521cb0319e9bb1d49c93bd9885c7b253e90cef6;p=oweals%2Fopenssl.git

Coverity CID 1444956: Integer handling issues

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8888)
---

diff --git a/crypto/evp/e_des3.c b/crypto/evp/e_des3.c
index 6177659a83..52fde95fb0 100644
--- a/crypto/evp/e_des3.c
+++ b/crypto/evp/e_des3.c
@@ -280,15 +280,17 @@ static int des3_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
 {
 
     DES_cblock *deskey = ptr;
+    int kl;
 
     switch (type) {
     case EVP_CTRL_RAND_KEY:
-        if (RAND_priv_bytes(ptr, EVP_CIPHER_CTX_key_length(ctx)) <= 0)
+        kl = EVP_CIPHER_CTX_key_length(ctx);
+        if (kl < 0 || RAND_priv_bytes(ptr, kl) <= 0)
             return 0;
         DES_set_odd_parity(deskey);
-        if (EVP_CIPHER_CTX_key_length(ctx) >= 16)
+        if (kl >= 16)
             DES_set_odd_parity(deskey + 1);
-        if (EVP_CIPHER_CTX_key_length(ctx) >= 24)
+        if (kl >= 24)
             DES_set_odd_parity(deskey + 2);
         return 1;