Avoid creating an illegal pointer
authorKurt Roeckx <kurt@roeckx.be>
Tue, 24 May 2016 19:32:01 +0000 (21:32 +0200)
committerKurt Roeckx <kurt@roeckx.be>
Wed, 25 May 2016 19:20:07 +0000 (21:20 +0200)
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1122

crypto/asn1/a_int.c

index d06d417..9c28c02 100644 (file)
@@ -201,18 +201,18 @@ static size_t c2i_ibuf(unsigned char *b, int *pneg,
     /* Must be negative: calculate twos complement */
     if (b) {
         const unsigned char *from = p + plen - 1 + pad;
-        unsigned char *to = b + plen - 1;
+        unsigned char *to = b + plen;
         i = plen;
         while (*from == 0 && i) {
-            *to-- = 0;
+            *--to = 0;
             i--;
             from--;
         }
-        *to-- = (*from-- ^ 0xff) + 1;
+        *--to = (*from-- ^ 0xff) + 1;
         OPENSSL_assert(i != 0);
         i--;
         for (; i > 0; i--)
-            *to-- = *from-- ^ 0xff;
+            *--to = *from-- ^ 0xff;
     }
     return plen;
 }