diff options
| author | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2021-12-13 14:06:18 +0000 |
|---|---|---|
| committer | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2021-12-13 14:06:18 +0000 |
| commit | 49c35d9f7026606023b67852f16caaa7ebf7e475 (patch) | |
| tree | c6df8dc14054772102d7421ff58e308239c67b8a | |
| parent | ab9117de5d404caaa893873b28bc1341c075daa6 (diff) | |
Catch integer overflow rather than silently truncating while
parsing MASK: strings in ASN1_STRING_set_default_mask_asc(3).
Issue noticed by tb@, patch by me, two additional #include lines from tb@.
OK tb@.
| -rw-r--r-- | lib/libcrypto/asn1/a_strnid.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/libcrypto/asn1/a_strnid.c b/lib/libcrypto/asn1/a_strnid.c index 08043f723b6..f14daa602c5 100644 --- a/lib/libcrypto/asn1/a_strnid.c +++ b/lib/libcrypto/asn1/a_strnid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_strnid.c,v 1.23 2021/12/11 22:58:48 schwarze Exp $ */ +/* $OpenBSD: a_strnid.c,v 1.24 2021/12/13 14:06:17 schwarze Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -56,7 +56,10 @@ * */ +#include <errno.h> +#include <limits.h> #include <stdio.h> +#include <stdlib.h> #include <string.h> #include <openssl/asn1.h> @@ -106,11 +109,17 @@ ASN1_STRING_set_default_mask_asc(const char *p) { unsigned long mask; char *end; + int save_errno; if (strncmp(p, "MASK:", 5) == 0) { if (p[5] == '\0') return 0; + save_errno = errno; + errno = 0; mask = strtoul(p + 5, &end, 0); + if (errno == ERANGE && mask == ULONG_MAX) + return 0; + errno = save_errno; if (*end != '\0') return 0; } else if (strcmp(p, "nombstr") == 0) |