Add range checks to varios ASN1_INTEGER functions to ensure the

sizes used remain a positive integer. Should address issue 13799 from oss-fuzz ok tb@ jsing@
author: beck <> 2019-03-23 18:48:15 +0000
committer: beck <> 2019-03-23 18:48:15 +0000
commit: ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc (patch)
tree: 5a672c6d12222c102b5aef132ff6174f5fec66f9 /src/lib/libcrypto/bn/bn_lib.c
parent: 4b69e569a2d9519abb4e7e10e2640d010e7d2744 (diff)
download: openbsd-ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc.tar.gz
openbsd-ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc.tar.bz2
openbsd-ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c
index 0b79a87413..0025cf52ef 100644
--- a/src/lib/libcrypto/bn/bn_lib.c
+++ b/src/lib/libcrypto/bn/bn_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_lib.c,v 1.45 2018/07/23 18:14:32 tb Exp $ */
+/* $OpenBSD: bn_lib.c,v 1.46 2019/03/23 18:48:15 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -578,6 +578,8 @@ BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
        BN_ULONG l;
        BIGNUM *bn = NULL;
+        if (len < 0)
+                return (NULL);
        if (ret == NULL)
                ret = bn = BN_new();
        if (ret == NULL)
author	beck <>	2019-03-23 18:48:15 +0000
committer	beck <>	2019-03-23 18:48:15 +0000
commit	ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc (patch)
tree	5a672c6d12222c102b5aef132ff6174f5fec66f9 /src/lib/libcrypto/bn/bn_lib.c
parent	4b69e569a2d9519abb4e7e10e2640d010e7d2744 (diff)
download	openbsd-ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc.tar.gz openbsd-ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc.tar.bz2 openbsd-ca4bb8fd7a5a26fd8735668aa2353f221a0d0fbc.zip