projects / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: 18ada95)
Fix range checks with -offset and -length in asn1parse
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Mon, 2 Apr 2018 07:13:49 +0000 (09:13 +0200)
committerBernd Edlinger <bernd.edlinger@hotmail.de>
Tue, 3 Apr 2018 14:02:17 +0000 (16:02 +0200)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)

apps/asn1pars.c patch | blob | history

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 6278b13062e809bae68e105d97f83cee4abb7e2b..062e19644e0b8f9741cfffe42e952c56f9c3ae2c 100644 (file)
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -258,14 +258,14 @@ int asn1parse_main(int argc, char **argv)
         num = tmplen;
     }
 
         num = tmplen;
     }
 
-    if (offset >= num) {
+    if (offset < 0 || offset >= num) {
         BIO_printf(bio_err, "Error: offset too large\n");
         goto end;
     }
 
     num -= offset;
 
         BIO_printf(bio_err, "Error: offset too large\n");
         goto end;
     }
 
     num -= offset;
 
-    if ((length == 0) || ((long)length > num))
+    if (length == 0 || length > (unsigned int)num)
         length = (unsigned int)num;
     if (derout != NULL) {
         if (BIO_write(derout, str + offset, length) != (int)length) {
         length = (unsigned int)num;
     if (derout != NULL) {
         if (BIO_write(derout, str + offset, length) != (int)length) {
Unnamed repository; edit this file 'description' to name the repository.