fix Coverity 1604662

Coverity flagged an issue in our bio_enc tests in which we failed to check the return code of BIO_read for an error condition which can lead to our length computation going backwards. Just check the error code before adding it to length Fixes openssl/project#779 Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Tom Cosgrove <[email protected]> (Merged from openssl#25006)
siemens · Jul 27, 2024 · 4811efe · 4811efe
1 parent 32185d5
commit 4811efe
Showing 1 changed file with 10 additions and 3 deletions.
diff --git a/test/bio_enc_test.c b/test/bio_enc_test.c
@@ -41,7 +41,7 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
     BIO *b, *mem;
     static unsigned char inp[BUF_SIZE] = { 0 };
     unsigned char out[BUF_SIZE], ref[BUF_SIZE];
-    int i, lref, len;
+    int i, lref, len, tmplen;
 
     /* Fill buffer with non-zero data so that over steps can be detected */
     if (!TEST_int_gt(RAND_bytes(inp, DATA_SIZE), 0))
@@ -77,13 +77,20 @@ static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key,
         BIO_push(b, mem);
         memset(out, 0, sizeof(out));
         out[i] = ~ref[i];
-        len = BIO_read(b, out, i);
+        tmplen = BIO_read(b, out, i);
+        if (tmplen < 0)
+            goto err;
+        len = tmplen;
         /* check for overstep */
         if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) {
             TEST_info("Encrypt overstep check failed @ operation %d", i);
             goto err;
         }
-        len += BIO_read(b, out + len, sizeof(out) - len);
+        tmplen = BIO_read(b, out + len, sizeof(out) - len);
+        if (tmplen < 0)
+            goto err;
+        len += tmplen;
+
         BIO_free_all(b);
 
         if (!TEST_mem_eq(out, len, ref, lref)) {