Commit 3e903838e3 for openssl.org

commit 3e903838e341e9fc884c4d87e4a295d4a722414b
Author: Weidong Wang <kenazcharisma@gmail.com>
Date:   Sat Mar 21 10:41:49 2026 -0500

    Fix missing EVP_CIPHER_get_iv_length() guard in PKCS5_pbe2_set_scrypt

    Store the return value of EVP_CIPHER_get_iv_length() in a local variable
    and guard with (ivlen > 0) before passing to memcpy/RAND_bytes, matching
    the pattern already used in p5_pbev2.c. Without this, a negative return
    value (-1) is implicitly converted to SIZE_MAX when cast to size_t,
    causing a stack buffer overflow on iv[EVP_MAX_IV_LENGTH].

    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    MergeDate: Fri Mar 27 16:14:09 2026
    (Merged from https://github.com/openssl/openssl/pull/30510)

diff --git a/crypto/asn1/p5_scrypt.c b/crypto/asn1/p5_scrypt.c
index e52e124beb..64980a1a68 100644
--- a/crypto/asn1/p5_scrypt.c
+++ b/crypto/asn1/p5_scrypt.c
@@ -46,7 +46,7 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
     uint64_t p)
 {
     X509_ALGOR *scheme = NULL, *ret = NULL;
-    int alg_nid;
+    int alg_nid, ivlen;
     size_t keylen = 0;
     EVP_CIPHER_CTX *ctx = NULL;
     unsigned char iv[EVP_MAX_IV_LENGTH];
@@ -85,10 +85,11 @@ X509_ALGOR *PKCS5_pbe2_set_scrypt(const EVP_CIPHER *cipher,
     }

     /* Create random IV */
-    if (EVP_CIPHER_get_iv_length(cipher)) {
+    ivlen = EVP_CIPHER_get_iv_length(cipher);
+    if (ivlen > 0) {
         if (aiv)
-            memcpy(iv, aiv, EVP_CIPHER_get_iv_length(cipher));
-        else if (RAND_bytes(iv, EVP_CIPHER_get_iv_length(cipher)) <= 0)
+            memcpy(iv, aiv, ivlen);
+        else if (RAND_bytes(iv, ivlen) <= 0)
             goto err;
     }