diff options
| author |   tb <tb@openbsd.org> | 2019-04-28 05:03:56 +0000 |
|---|---|---|
| committer | tb <tb@openbsd.org> | 2019-04-28 05:03:56 +0000 |
| commit | ca2449009cc1ac06697fc853c7663b17a9f7a330 (patch) | |
| tree | f80c10454e289478d7113529bf3e155031798a5c | |
| parent | add WITNESS support to barriers modelled on the timeout stuff visa did. (diff) | |
| download | wireguard-openbsd-ca2449009cc1ac06697fc853c7663b17a9f7a330.tar.xz wireguard-openbsd-ca2449009cc1ac06697fc853c7663b17a9f7a330.zip | |
Avoid an undefined shift in ASN1_INTEGER_get().
Fixes oss-fuzz issue #13804
ok beck, jsing
| -rw-r--r-- | lib/libcrypto/asn1/a_int.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/lib/libcrypto/asn1/a_int.c b/lib/libcrypto/asn1/a_int.c index 1b2ebfb3a95..d14bd7959b5 100644 --- a/lib/libcrypto/asn1/a_int.c +++ b/lib/libcrypto/asn1/a_int.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_int.c,v 1.33 2019/03/26 09:15:07 jsing Exp $ */ +/* $OpenBSD: a_int.c,v 1.34 2019/04/28 05:03:56 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -418,7 +418,7 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a) { int neg = 0, i; - long r = 0; + unsigned long r = 0; if (a == NULL) return (0L); @@ -442,9 +442,13 @@ ASN1_INTEGER_get(const ASN1_INTEGER *a) r <<= 8; r |= (unsigned char)a->data[i]; } + + if (r > LONG_MAX) + return -1; + if (neg) - r = -r; - return (r); + return -(long)r; + return (long)r; } ASN1_INTEGER * |