Fix signed overflow in X509_CRL_print().

fixes oss-fuzz #14558

ok beck jsing

1 files changed, 4 insertions, 1 deletions

diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
index c8122442bb..057b8fe311 100644
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ b/src/lib/libcrypto/asn1/t_crl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_crl.c,v 1.17 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: t_crl.c,v 1.18 2019/05/12 15:56:31 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -57,6 +57,7 @@
  */
 
 #include <stdio.h>
+#include <limits.h>
 
 #include <openssl/bn.h>
 #include <openssl/buffer.h>
@@ -92,6 +93,8 @@ X509_CRL_print(BIO *out, X509_CRL *x)
 
         BIO_printf(out, "Certificate Revocation List (CRL):\n");
         l = X509_CRL_get_version(x);
+        if (l < 0 || l == LONG_MAX)
+                goto err;
         BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
         i = OBJ_obj2nid(x->sig_alg->algorithm);
         if (X509_signature_print(out, x->sig_alg, NULL) == 0)