Add sanity check to print_bin function
authorMatt Caswell <matt@openssl.org>
Wed, 29 Apr 2015 08:58:10 +0000 (09:58 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 30 Apr 2015 22:27:07 +0000 (23:27 +0100)
Add a sanity check to the print_bin function to ensure that the |off|
argument is positive. Thanks to Kevin Wojtysiak (Int3 Solutions) and
Paramjot Oberoi (Int3 Solutions) for reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 3deeeeb61b0c5b9b5f0993a67b7967d2f85186da)

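--- a/crypto/ec/eck_prn.c
+++ b/crypto/ec/eck_prn.c
@@ -338,12 +338,14 @@ static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
 
     if (buf == NULL)
         return 1;
-    if (off) {
+    if (off > 0) {
         if (off > 128)
             off = 128;
         memset(str, ' ', off);
         if (BIO_write(fp, str, off) <= 0)
             return 0;
+    } else {
+        off = 0;
     }
 
     if (BIO_printf(fp, "%s", name) <= 0)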
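Review bot: The upper clamp inside the `if (off > 0)` branch still uses the literal `128`, which is presumably the size of `str` (declared outside the hunk), so the bound and the buffer can drift apart. If `str` is a local array, `if (off > (int)sizeof(str)) off = (int)sizeof(str);` would tie the two together. The new `else { off = 0; }` branch deserves a comment such as `/* off is a signed indent used as a length for memset/BIO_write; treat a negative value as no indent */`, since the reason for normalising it is not obvious from the code. print_bin starts before and continues after this hunk, so any later use of `off` as a length or offset into `str` should be checked against the same bound: a value clamped to the full buffer size leaves no headroom if anything is added to it.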