Check md_size isn't negative before we use it

Issue found by Coverity Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6592)
author: Matt Caswell <matt@openssl.org> 2018-06-26 16:03:05 +0200
committer: Matt Caswell <matt@openssl.org> 2018-07-07 15:00:10 +0200
commit: 3e0076c213ec2d1149a9a89f9bc141d1a1a44630 (patch)
tree: f9cffa9e2dbf090f55308c5a8f7bd52407408afc /crypto/sm2
parent: Don't fail if the PSK identity doesn't match (diff)
download: openssl-3e0076c213ec2d1149a9a89f9bc141d1a1a44630.tar.xz
openssl-3e0076c213ec2d1149a9a89f9bc141d1a1a44630.zip
1 files changed, 6 insertions, 5 deletions
diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c
index 14576ca840..adde9520ce 100644
--- a/crypto/sm2/sm2_sign.c
+++ b/crypto/sm2/sm2_sign.c
@@ -25,16 +25,17 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest,
 {
     EVP_MD_CTX *hash = EVP_MD_CTX_new();
     const int md_size = EVP_MD_size(digest);
-    uint8_t *za = OPENSSL_zalloc(md_size);
+    uint8_t *za = NULL;
     BIGNUM *e = NULL;
 
-    if (hash == NULL || za == NULL) {
-        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_MALLOC_FAILURE);
+    if (md_size < 0) {
+        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST);
         goto done;
     }
 
-    if (md_size < 0) {
-        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, SM2_R_INVALID_DIGEST);
+    za = OPENSSL_zalloc(md_size);
+    if (hash == NULL || za == NULL) {
+        SM2err(SM2_F_SM2_COMPUTE_MSG_HASH, ERR_R_MALLOC_FAILURE);
         goto done;
     }
author	Matt Caswell <matt@openssl.org>	2018-06-26 16:03:05 +0200
committer	Matt Caswell <matt@openssl.org>	2018-07-07 15:00:10 +0200
commit	3e0076c213ec2d1149a9a89f9bc141d1a1a44630 (patch)
tree	f9cffa9e2dbf090f55308c5a8f7bd52407408afc /crypto/sm2
parent	Don't fail if the PSK identity doesn't match (diff)
download	openssl-3e0076c213ec2d1149a9a89f9bc141d1a1a44630.tar.xz openssl-3e0076c213ec2d1149a9a89f9bc141d1a1a44630.zip