From be7071a39d853595f00196e2efdfab18244b5dc1 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 20 Oct 2022 09:47:01 +0000
Subject: Unbreak ASN.1 indefinite length encoding.

In r1.25 of tasn_enc.c a check was added to ensure that asn1_ex_i2c()
returned the same value on both calls, however in the ndef case the len
variable gets changed between calls. Keep a copy of the original value to
test against.

Issue reported by niklas, who encountered a test failure in rust-openssl.

ok miod@ tb@; from jsing

This is errata/7.2/002_asn1.patch.sig
---
 src/lib/libcrypto/asn1/tasn_enc.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
index d42c5ea369..8e17d666da 100644
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ b/src/lib/libcrypto/asn1/tasn_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_enc.c,v 1.25 2022/08/20 17:55:08 jsing Exp $ */
+/* $OpenBSD: tasn_enc.c,v 1.25.2.1 2022/10/20 09:47:01 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2000.
  */
@@ -494,7 +494,7 @@ static int
 asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
     const ASN1_ITEM *it, int tag, int aclass)
 {
-	int len;
+	int olen, len;
 	int utype;
 	int usetag;
 	int ndef = 0;
@@ -505,7 +505,7 @@ asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
 	 * out the underlying type.
 	 */
 
-	len = asn1_ex_i2c(pval, NULL, &utype, it);
+	olen = len = asn1_ex_i2c(pval, NULL, &utype, it);
 
 	/* If SEQUENCE, SET or OTHER then header is
 	 * included in pseudo content octets so don't
@@ -541,7 +541,7 @@ asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
 	if (out) {
 		if (usetag)
 			ASN1_put_object(out, ndef, len, tag, aclass);
-		if (asn1_ex_i2c(pval, *out, &utype, it) != len)
+		if (asn1_ex_i2c(pval, *out, &utype, it) != olen)
 			return -1;
 		if (ndef)
 			ASN1_put_eoc(out);
-- 
cgit v1.2.3-55-g6feb