openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

signature/dsa_sig.c: Add checks for the EVP_MD_get_size() 

Add checks for the EVP_MD_get_size() to avoid integer overflow and then explicitly cast from int to size_t.

Fixes: 45a845e40b ("Add EVP_DigestSign/EVP_DigestVerify support for DSA")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23948)
This commit is contained in:
Jiasheng Jiang 2024-03-22 22:12:50 +00:00 committed by Tomas Mraz
parent df0ee35b53
commit f4174b6db4
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
providers/implementations/signature/dsa_sig.c
View File

@ -93,8 +93,14 @@ typedef struct {
static size_t dsa_get_md_size(const PROV_DSA_CTX *pdsactx)
{
if (pdsactx->md != NULL)
return EVP_MD_get_size(pdsactx->md);
int md_size;
if (pdsactx->md != NULL) {
md_size = EVP_MD_get_size(pdsactx->md);
if (md_size <= 0)
return 0;
return (size_t)md_size;
}
return 0;
}