[openssl] master update

Dr. Paul Dale pauli at openssl.org
Mon Mar 4 09:32:23 UTC 2019


The branch master has been updated
       via  68ad17e87467e93eab87fc2fce0da53d6a7653cc (commit)
      from  38023b87f037f4b832c236dfce2a76272be08763 (commit)


- Log -----------------------------------------------------------------
commit 68ad17e87467e93eab87fc2fce0da53d6a7653cc
Author: Pauli <paul.dale at oracle.com>
Date:   Mon Mar 4 13:37:39 2019 +1000

    Check for negative return for signature size.Addresses Coverity 1442933
    
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/8392)

-----------------------------------------------------------------------

Summary of changes:
 test/ecdsatest.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/test/ecdsatest.c b/test/ecdsatest.c
index 03327a2..761832f 100644
--- a/test/ecdsatest.c
+++ b/test/ecdsatest.c
@@ -205,6 +205,7 @@ static int test_builtin(int n)
     EVP_MD_CTX *mctx = NULL;
     size_t sig_len;
     int nid, ret = 0;
+    int temp;
 
     nid = curves[n].nid;
 
@@ -231,9 +232,10 @@ static int test_builtin(int n)
         || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey_neg, eckey_neg)))
         goto err;
 
-    sig_len = ECDSA_size(eckey);
+    temp = ECDSA_size(eckey);
 
-    if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
+    if (!TEST_int_ge(temp, 0)
+        || !TEST_ptr(sig = OPENSSL_malloc(sig_len = (size_t)temp))
         /* create a signature */
         || !TEST_true(EVP_DigestSignInit(mctx, NULL, NULL, NULL, pkey))
         || !TEST_true(EVP_DigestSign(mctx, sig, &sig_len, tbs, sizeof(tbs)))


More information about the openssl-commits mailing list