48 lines
1.2 KiB
Diff
48 lines
1.2 KiB
Diff
From 8ddacec11481a37302c19f4454e23299af399f83 Mon Sep 17 00:00:00 2001
|
|
From: mlitre <martinlitre@mac.com>
|
|
Date: Mon, 1 May 2023 11:07:21 +0200
|
|
Subject: [PATCH] Add negative integer check when using ASN1_BIT_STRING
|
|
|
|
The negative integer check is done to prevent potential overflow.
|
|
Fixes #20719.
|
|
|
|
CLA: trivial
|
|
|
|
Reviewed-by: Tomas Mraz <tomas@openssl.org>
|
|
Reviewed-by: Paul Dale <pauli@openssl.org>
|
|
(Merged from https://github.com/openssl/openssl/pull/20862)
|
|
|
|
(cherry picked from commit 1258a8e4361320cd3cfaf9ede692492ce01034c8)
|
|
|
|
---
|
|
crypto/asn1/a_bitstr.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
|
|
index f462dd1073..31a1e11359 100644
|
|
--- a/crypto/asn1/a_bitstr.c
|
|
+++ b/crypto/asn1/a_bitstr.c
|
|
@@ -148,6 +148,9 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
|
|
int w, v, iv;
|
|
unsigned char *c;
|
|
|
|
+ if (n < 0)
|
|
+ return 0;
|
|
+
|
|
w = n / 8;
|
|
v = 1 << (7 - (n & 0x07));
|
|
iv = ~v;
|
|
@@ -182,6 +185,9 @@ int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n)
|
|
{
|
|
int w, v;
|
|
|
|
+ if (n < 0)
|
|
+ return 0;
|
|
+
|
|
w = n / 8;
|
|
v = 1 << (7 - (n & 0x07));
|
|
if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL))
|
|
--
|
|
2.27.0
|
|
|