Commit fe26c12b08 for openssl.org

commit fe26c12b08cb627bb0c814ce909a61c8bd4a8740
Author: Eugene Syromiatnikov <esyr@openssl.org>
Date:   Mon Feb 23 05:16:24 2026 +0100

    ssl/ech/ech_store.c: check WPACKET_get_total_written return value

    Check the return value of check WPACKET_get_total_written() call
    in OSSL_ECHSTORE_new_config() and OSSL_ECHSTORE_write_pem(),
    and error out on failure.

    References: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1681451
    Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>

    Reviewed-by: Matt Caswell <matt@openssl.org>
    Reviewed-by: Tomas Mraz <tomas@openssl.org>
    MergeDate: Wed Feb 25 11:10:45 2026
    (Merged from https://github.com/openssl/openssl/pull/30139)

diff --git a/ssl/ech/ech_store.c b/ssl/ech/ech_store.c
index 77a723ffaf..c9ef390554 100644
--- a/ssl/ech/ech_store.c
+++ b/ssl/ech/ech_store.c
@@ -745,7 +745,10 @@ int OSSL_ECHSTORE_new_config(OSSL_ECHSTORE *es,
         goto err;
     }
     /* bp, bblen has encoding */
-    WPACKET_get_total_written(&epkt, &bblen);
+    if (!WPACKET_get_total_written(&epkt, &bblen)) {
+        ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
     if ((ee = OPENSSL_zalloc(sizeof(*ee))) == NULL) {
         ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
         goto err;
@@ -873,7 +876,10 @@ int OSSL_ECHSTORE_write_pem(OSSL_ECHSTORE *es, int index, BIO *out)
             ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
             goto err;
         }
-        WPACKET_get_total_written(&epkt, &allencoded_len);
+        if (!WPACKET_get_total_written(&epkt, &allencoded_len)) {
+            ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
         if (PEM_write_bio(out, PEM_STRING_ECHCONFIG, NULL,
                 (unsigned char *)epkt_mem->data,
                 (long)allencoded_len)