Avoid polluting the error stack when printing certificates - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2024-08-28 06:17:06 +0000
committer	tb <>	2024-08-28 06:17:06 +0000
commit	512532d0afc1a2962da6e0c566bb90967a493479 (patch)
tree	13dfad166a5c724aa2725339e55b84713d0f148a /src/lib/libc/stdlib/llabs.c
parent	e6600c8781ee3168a9641ab8f28db4d05ef8e881 (diff)
download	openbsd-512532d0afc1a2962da6e0c566bb90967a493479.tar.gz openbsd-512532d0afc1a2962da6e0c566bb90967a493479.tar.bz2 openbsd-512532d0afc1a2962da6e0c566bb90967a493479.zip

Avoid polluting the error stack when printing certificates

For a certificate serial number between LONG_MAX and ULONG_MAX, the call to ASN1_INTEGER_get() fails and leaves an error on the stack because the check bs->length <= sizeof(long) doesn't quite do what it's supposed to do (bs is probably for bitstring, although the more common reading would be adequate, too.) Fix this by checking for non-negativity and using ASN1_INTEGER_get_uint64() and add a lengthy comment to explain the nonsense per beck's request. discussed with jsing ok beck

Diffstat (limited to 'src/lib/libc/stdlib/llabs.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: