Check md_size isn't negative before we use it

Issue found by Coverity Reviewed-by: N Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6592)

Check md_size isn't negative before we use it
Issue found by Coverity Reviewed-by: N Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6592)
3e0076c2 · Matt Caswell · c9d6fdd6 · 3e0076c2
隐藏空白更改
内联并排

Showing with 6 addition and 5 deletion

crypto/sm2/sm2_sign.c crypto/sm2/sm2_sign.c +6 -5

未找到文件。
--- a/crypto/sm2/sm2_sign.c
+++ b/crypto/sm2/sm2_sign.c
@@ -25,16 +25,17 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest,
 {
    EVP_MD_CTX *hash = EVP_MD_CTX_new();
    const int md_size = EVP_MD_size(digest);
-    uint8_t *za = OPENSSL_zalloc(md_size);
+    uint8_t *za = NULL;
    BIGNUM *e = NULL;

-    if (hash == NULL || za == NULL) {
-        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_MALLOC_FAILURE);
+    if (md_size < 0) {
+        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST);
        goto done;
    }

-    if (md_size < 0) {
-        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST);
+    za = OPENSSL_zalloc(md_size);
+    if (hash == NULL || za == NULL) {
+        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_MALLOC_FAILURE);
        goto done;
    }