projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
a75f707
)
Add negative integer check when using ASN1_BIT_STRING
author
mlitre
<martinlitre@mac.com>
Mon, 1 May 2023 09:07:21 +0000
(11:07 +0200)
committer
Pauli
<pauli@openssl.org>
Wed, 3 May 2023 23:08:23 +0000
(09:08 +1000)
The negative integer check is done to prevent potential overflow.
Fixes #20719.
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20862)
crypto/asn1/a_bitstr.c
patch
|
blob
|
history
diff --git
a/crypto/asn1/a_bitstr.c
b/crypto/asn1/a_bitstr.c
index 00a388a3a5734ffa0d46d5b159ca608a3b36b613..bd5fcaaa34fb4639096087bedb27d8990263f74c 100644
(file)
--- a/
crypto/asn1/a_bitstr.c
+++ b/
crypto/asn1/a_bitstr.c
@@
-145,6
+145,9
@@
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
int w, v, iv;
unsigned char *c;
+ if (n < 0)
+ return 0;
+
w = n / 8;
v = 1 << (7 - (n & 0x07));
iv = ~v;
@@
-177,6
+180,9
@@
int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n)
{
int w, v;
+ if (n < 0)
+ return 0;
+
w = n / 8;
v = 1 << (7 - (n & 0x07));
if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL))
projects / openssl.git / commitdiff