From f9f2e609db4de8d1f2022189a99c8277c3f6289d Mon Sep 17 00:00:00 2001
From: William Brawner <me@wbrawner.com>
Date: Sun, 5 Apr 2020 09:39:41 -0700
Subject: [PATCH] Ensure ECDSA_size always returns >= 0

Fixes #10484

Signed-off-by: William Brawner <me@wbrawner.com>

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11472)
---
 crypto/ec/ec_asn1.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 336afc989d..831b74ce6c 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1297,5 +1297,7 @@ int ECDSA_size(const EC_KEY *r)
     i = i2d_ASN1_INTEGER(&bs, NULL);
     i += i;                     /* r and s */
     ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
+    if (ret < 0)
+        return 0;
     return ret;
 }
-- 
2.25.1