Add sanity check to print_bin function

Add a sanity check to the print_bin function to ensure that the |off|
argument is positive. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>

diff --git a/crypto/ec/eck_prn.c b/crypto/ec/eck_prn.c
index e39aa711d8339012a55b2c47968a577e3a6628cb..e1f5b69c76f23bf34686bb8062f6c0a4d76e085d 100644 (file)
--- a/crypto/ec/eck_prn.c
+++ b/crypto/ec/eck_prn.c
@@ -345,12 +345,14 @@ static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
 
     if (buf == NULL)
         return 1;
 
     if (buf == NULL)
         return 1;

-    if (off) {
+    if (off > 0) {

         if (off > 128)
             off = 128;
         memset(str, ' ', off);
         if (BIO_write(fp, str, off) <= 0)
             return 0;
         if (off > 128)
             off = 128;
         memset(str, ' ', off);
         if (BIO_write(fp, str, off) <= 0)
             return 0;

+    } else {
+        off = 0;

     }
 
     if (BIO_printf(fp, "%s", name) <= 0)
     }
 
     if (BIO_printf(fp, "%s", name) <= 0)