From 04e9acdb7805182f7e4b81d1fe4ae31dd77784eb Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 12 May 2019 15:56:31 +0000
Subject: Fix signed overflow in X509_CRL_print(). fixes oss-fuzz #14558 ok beck jsing
---
 src/lib/libcrypto/asn1/t_crl.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
 (limited to 'src/lib')
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
index c8122442bb..057b8fe311 100644
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ b/src/lib/libcrypto/asn1/t_crl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_crl.c,v 1.17 2017/01/29 17:49:22 beck Exp $ */
+/* $OpenBSD: t_crl.c,v 1.18 2019/05/12 15:56:31 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -57,6 +57,7 @@
 */
 #include
+#include
 #include
 #include
@@ -92,6 +93,8 @@ X509_CRL_print(BIO *out, X509_CRL *x)
 BIO_printf(out, "Certificate Revocation List (CRL):\n");
 l = X509_CRL_get_version(x);
+ if (l < 0 || l == LONG_MAX)
+ goto err;
 BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
 i = OBJ_obj2nid(x->sig_alg->algorithm);
 if (X509_signature_print(out, x->sig_alg, NULL) == 0)
--
cgit v1.2.3-55-g6feb
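Review bot: The new guard in X509_CRL_print() has no comment explaining why `LONG_MAX` is rejected, and the reason is only visible on the following line, where `l + 1` is passed to BIO_printf; a comment such as `/* l + 1 below must not overflow; a negative version is not printable */` above the `if` would keep a later edit from dropping the check. The version is read from the CRL being printed, and the commit cites an oss-fuzz report, so this path has to stay free of undefined behaviour for any encoded value. The format string still uses `%lu` and `%lx`; if `l` is a `long` (its declaration is outside the hunk), passing `(unsigned long)l + 1, (unsigned long)l` would make the argument types match the conversions exactly. The function starts and ends outside the hunk, so what the `err` path returns or reports to the caller is not visible here.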