diff options
| author | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2021-12-09 15:28:59 +0000 |
|---|---|---|
| committer | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2021-12-09 15:28:59 +0000 |
| commit | 62f13acefe9591a106074c9c2ead01fe013b6334 (patch) | |
| tree | 2c1145f9dc738ab4668cf39a1d8da3ace7259524 /lib/libcrypto/bio/bio_lib.c | |
| parent | 564d06bb93722a75d7046dd4fcc9cc1332305b7e (diff) | |
Fix an issue that might possibly turn into a DOS depending on
how application software uses the API function BIO_indent(3):
If the caller asks for some output, but not more than some negative
number of bytes, give them zero bytes of output rather than drowning
them in nearly INT_MAX bytes.
OK tb@
Diffstat (limited to 'lib/libcrypto/bio/bio_lib.c')
| -rw-r--r-- | lib/libcrypto/bio/bio_lib.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libcrypto/bio/bio_lib.c b/lib/libcrypto/bio/bio_lib.c index 05f02589477..85eb0f0c772 100644 --- a/lib/libcrypto/bio/bio_lib.c +++ b/lib/libcrypto/bio/bio_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bio_lib.c,v 1.30 2021/10/24 13:46:56 tb Exp $ */ +/* $OpenBSD: bio_lib.c,v 1.31 2021/12/09 15:28:58 schwarze Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -391,10 +391,10 @@ BIO_gets(BIO *b, char *in, int inl) int BIO_indent(BIO *b, int indent, int max) { - if (indent < 0) - indent = 0; if (indent > max) indent = max; + if (indent < 0) + indent = 0; while (indent--) if (BIO_puts(b, " ") != 1) return 0; |