Prevent 1-byte out-of-bounds read in i2c_ASN1_BIT_STRING

If an ASN.1 BIT STRING a of length > 0 contains only zero bytes in a->data,
this old code would end up reading from a->data[-1]. This may or may not
crash. Luckily, anton observed two openssl-ruby regress test failures in
the last few days, which could eventually be traced back to this (after a
lot of painful digging due to coredumps not working properly).

ok jsing

1 files changed, 4 insertions, 2 deletions

diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c
index a4a379a9a0..767055144d 100644
--- a/src/lib/libcrypto/asn1/a_bitstr.c
+++ b/src/lib/libcrypto/asn1/a_bitstr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_bitstr.c,v 1.37 2022/11/08 16:48:28 tb Exp $ */
+/* $OpenBSD: a_bitstr.c,v 1.38 2023/01/13 14:46:08 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -255,11 +255,13 @@ i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
                 if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) {
                         bits = (int)a->flags & 0x07;
                 } else {
+                        j = 0;
                         for (; len > 0; len--) {
                                 if (a->data[len - 1])
                                         break;
                         }
-                        j = a->data[len - 1];
+                        if (len > 0)
+                                j = a->data[len - 1];
                         if (j & 0x01)
                                 bits = 0;
                         else if (j & 0x02)