diff options
Diffstat (limited to 'lib/libcrypto/x509')
-rw-r--r-- | lib/libcrypto/x509/x509_purp.c | 7 | ||||
-rw-r--r-- | lib/libcrypto/x509/x509_trs.c | 7 |
2 files changed, 10 insertions, 4 deletions
diff --git a/lib/libcrypto/x509/x509_purp.c b/lib/libcrypto/x509/x509_purp.c index dbae7bcb7c0..35f20e2bc38 100644 --- a/lib/libcrypto/x509/x509_purp.c +++ b/lib/libcrypto/x509/x509_purp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_purp.c,v 1.34 2024/01/06 17:17:08 tb Exp $ */ +/* $OpenBSD: x509_purp.c,v 1.35 2024/01/07 16:22:46 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -232,7 +232,10 @@ LCRYPTO_ALIAS(X509_PURPOSE_get_by_sname); int X509_PURPOSE_get_by_id(int purpose) { - /* X509_PURPOSE_MIN == 1, so the bounds are correct. */ + /* + * Ensure the purpose identifier is between MIN and MAX inclusive. + * If so, translate it to an index into the xstandard[] table. + */ if (purpose < X509_PURPOSE_MIN || purpose > X509_PURPOSE_MAX) return -1; diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c index e3a20e22b0d..6e98eb27852 100644 --- a/lib/libcrypto/x509/x509_trs.c +++ b/lib/libcrypto/x509/x509_trs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_trs.c,v 1.33 2024/01/07 14:50:45 tb Exp $ */ +/* $OpenBSD: x509_trs.c,v 1.34 2024/01/07 16:22:46 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -191,7 +191,10 @@ LCRYPTO_ALIAS(X509_TRUST_get0); int X509_TRUST_get_by_id(int id) { - /* X509_TRUST_MIN == 1, so the bounds are correct. */ + /* + * Ensure the trust identifier is between MIN and MAX inclusive. + * If so, translate it into an index into the trstandard[] table. + */ if (id < X509_TRUST_MIN && id > X509_TRUST_MAX) return -1; |