[openssl] openssl-3.0 update

Sun Nov 7 22:57:15 UTC 2021

The branch openssl-3.0 has been updated
       via  571512aa46b73625bf4b82ae545614b9c3105708 (commit)
      from  0abb5703ba63bd82888837d60af6d8168601dd2f (commit)


- Log -----------------------------------------------------------------
commit 571512aa46b73625bf4b82ae545614b9c3105708
Author: Pauli <pauli at openssl.org>
Date:   Thu Nov 4 12:52:00 2021 +1000

    Address coverity 1493382 argument cannot be negative
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16962)
    
    (cherry picked from commit fe4125382301201e42a3251544cda429bba0c9d7)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/e_rc5.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/crypto/evp/e_rc5.c b/crypto/evp/e_rc5.c
index 3fb372360d..3496a70193 100644
--- a/crypto/evp/e_rc5.c
+++ b/crypto/evp/e_rc5.c
@@ -72,12 +72,13 @@ static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc)
 {
-    if (EVP_CIPHER_CTX_get_key_length(ctx) > 255) {
+    const int key_len = EVP_CIPHER_CTX_get_key_length(ctx);
+
+    if (key_len > 255 || key_len < 0) {
         ERR_raise(ERR_LIB_EVP, EVP_R_BAD_KEY_LENGTH);
         return 0;
     }
-    return RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_get_key_length(ctx),
-                          key, data(ctx)->rounds);
+    return RC5_32_set_key(&data(ctx)->ks, key_len, key, data(ctx)->rounds);
 }
 
 #endif
