BIO_dump*() avoid signed integer overflow - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2024-02-15 10:34:30 +0000
committer	tb <>	2024-02-15 10:34:30 +0000
commit	59e4b1d0ca73ceddc625a2b878ff4642d1df6e91 (patch)
tree	2c6d4a6e183d71895f9d86cd8c89bdec863c9bf9 /src/lib/libcrypto/bio/bio_lib.c
parent	16c8a1ea3629772fdd16fd22a98ba46545e9e3a1 (diff)
download	openbsd-59e4b1d0ca73ceddc625a2b878ff4642d1df6e91.tar.gz openbsd-59e4b1d0ca73ceddc625a2b878ff4642d1df6e91.tar.bz2 openbsd-59e4b1d0ca73ceddc625a2b878ff4642d1df6e91.zip

BIO_dump*() avoid signed integer overflow

This API returns an int encoding the number of bytes printed. Thus, a dump of a large enough byte string can make this overflow and rely on undefined behavior. With an indent of 64, as little as 26 MB is enough to make this happen. ok jsing

Diffstat (limited to 'src/lib/libcrypto/bio/bio_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: