projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Avoid overflow issues in X509_cmp.
[openssl.git] / crypto / x509 / x509_cmp.c
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index d3b2c199b973d8ebb66c6dfc44ff0ea7814a8083..831cfb70f02827359760909f4ac412dbb1dd3aa3 100644 (file)
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -187,9 +187,10 @@ int X509_cmp(const X509 *a, const X509 *b)
         return rv;
     /* Check for match against stored encoding too */
     if (!a->cert_info.enc.modified && !b->cert_info.enc.modified) {
-        rv = (int)(a->cert_info.enc.len - b->cert_info.enc.len);
-        if (rv)
-            return rv;
+        if (a->cert_info.enc.len < b->cert_info.enc.len)
+            return -1;
+        if (a->cert_info.enc.len > b->cert_info.enc.len)
+            return 1;
         return memcmp(a->cert_info.enc.enc, b->cert_info.enc.enc,
                       a->cert_info.enc.len);
     }
Unnamed repository; edit this file 'description' to name the repository.