1 files changed, 17 insertions, 3 deletions
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index 5e753f3278..75bae5214a 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_x509.c,v 1.45 2024/04/09 13:55:02 beck Exp $ */
+/* $OpenBSD: t_x509.c,v 1.46 2024/08/28 06:17:06 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -56,6 +56,7 @@
 * [including the GNU Public Licence.]
 */
+#include <limits.h>
 #include <stdio.h>
 #include <openssl/opensslconf.h>
@@ -155,8 +156,21 @@ X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
                bs = X509_get_serialNumber(x);
                l = -1;
-                if (bs->length <= (int)sizeof(long))
-                        l = ASN1_INTEGER_get(bs);
+                /*
+                 * For historical reasons, non-negative serial numbers are
+                 * printed in decimal as long as they fit into a long. Using
+                 * ASN1_INTEGER_get_uint64() avoids an error on the stack for
+                 * numbers between LONG_MAX and ULONG_MAX. Otherwise fall back
+                 * to hexadecimal, also for numbers that are non-conformant
+                 * (negative or larger than 2^159 - 1).
+                 */
+                if (bs->length <= sizeof(long) && bs->type == V_ASN1_INTEGER) {
+                        uint64_t u64;
+                        if (ASN1_INTEGER_get_uint64(&u64, bs) && u64 <= LONG_MAX)
+                                l = (long)u64;
+                }
                if (l >= 0) {
                        if (BIO_printf(bp, " %ld (0x%lx)\n", l, l) <= 0)
                                goto err;

diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c index 5e753f3278..75bae5214a 100644 --- a/src/lib/libcrypto/asn1/t_x509.c +++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t_x509.c,v 1.45 2024/04/09 13:55:02 beck Exp $ */	1	/* $OpenBSD: t_x509.c,v 1.46 2024/08/28 06:17:06 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -56,6 +56,7 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
		59	#include <limits.h>
59	#include <stdio.h>	60	#include <stdio.h>
60		61
61	#include <openssl/opensslconf.h>	62	#include <openssl/opensslconf.h>
@@ -155,8 +156,21 @@ X509_print_ex(BIO bp, X509 x, unsigned long nmflags, unsigned long cflag)
155		156
156	bs = X509_get_serialNumber(x);	157	bs = X509_get_serialNumber(x);
157	l = -1;	158	l = -1;
158	if (bs->length <= (int)sizeof(long))	159
159	l = ASN1_INTEGER_get(bs);	160	/*
		161	* For historical reasons, non-negative serial numbers are
		162	* printed in decimal as long as they fit into a long. Using
		163	* ASN1_INTEGER_get_uint64() avoids an error on the stack for
		164	* numbers between LONG_MAX and ULONG_MAX. Otherwise fall back
		165	* to hexadecimal, also for numbers that are non-conformant
		166	* (negative or larger than 2^159 - 1).
		167	*/
		168	if (bs->length <= sizeof(long) && bs->type == V_ASN1_INTEGER) {
		169	uint64_t u64;
		170
		171	if (ASN1_INTEGER_get_uint64(&u64, bs) && u64 <= LONG_MAX)
		172	l = (long)u64;
		173	}
160	if (l >= 0) {	174	if (l >= 0) {
161	if (BIO_printf(bp, " %ld (0x%lx)\n", l, l) <= 0)	175	if (BIO_printf(bp, " %ld (0x%lx)\n", l, l) <= 0)
162	goto err;	176	goto err;