projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix overflow in c2i_ASN1_BIT_STRING.
[openssl.git]
/
crypto
/
asn1
/
a_bitstr.c
diff --git
a/crypto/asn1/a_bitstr.c
b/crypto/asn1/a_bitstr.c
index 33be907f9d5edd33c2d086404d815fcb4b7b9f3b..b2e0fb688265ec48f8e43597d0c1476a633ffb25 100644
(file)
--- a/
crypto/asn1/a_bitstr.c
+++ b/
crypto/asn1/a_bitstr.c
@@
-7,6
+7,7
@@
* https://www.openssl.org/source/license.html
*/
* https://www.openssl.org/source/license.html
*/
+#include <limits.h>
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
@@
-88,6
+89,11
@@
ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
goto err;
}
goto err;
}
+ if (len > INT_MAX) {
+ i = ASN1_R_STRING_TOO_LONG;
+ goto err;
+ }
+
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = ASN1_BIT_STRING_new()) == NULL)
return (NULL);
if ((a == NULL) || ((*a) == NULL)) {
if ((ret = ASN1_BIT_STRING_new()) == NULL)
return (NULL);