[openssl/openssl] 7209a6: Fix coverity-1604666
Neil Horman
noreply at github.com
Wed Jul 17 14:33:05 UTC 2024
Branch: refs/heads/openssl-3.2
Home: https://github.com/openssl/openssl
Commit: 7209a6b5f4bc758349f45d35f68d6dc41b11a8d3
https://github.com/openssl/openssl/commit/7209a6b5f4bc758349f45d35f68d6dc41b11a8d3
Author: Neil Horman <nhorman at openssl.org>
Date: 2024-07-17 (Wed, 17 Jul 2024)
Changed paths:
M crypto/rsa/rsa_oaep.c
Log Message:
-----------
Fix coverity-1604666
Coverity recently flaged an error in which the return value for
EVP_MD_get_size wasn't checked for negative values prior to use, which
can cause underflow later in the function.
Just add the check and error out if get_size returns an error.
Reviewed-by: Paul Dale <ppzgs1 at gmail.com>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24896)
(cherry picked from commit 22e08c7cdc596d4f16749811d1022fb8b07a8e41)
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
More information about the openssl-commits
mailing list