[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Kurt Roeckx kurt at openssl.org
Sat Nov 12 13:09:29 UTC 2016


The branch OpenSSL_1_1_0-stable has been updated
       via  fadfc8ecfd277af189600648fcf1d28f33fd76fe (commit)
      from  0f251d20a5c40cb9b6d30dfec005bb4ead3d5b0f (commit)


- Log -----------------------------------------------------------------
commit fadfc8ecfd277af189600648fcf1d28f33fd76fe
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Fri Nov 11 21:41:50 2016 +0100

    Cast to an unsigned type before negating
    
    llvm's ubsan reported:
    runtime error: negation of -9223372036854775808 cannot be represented in
    type 'int64_t' (aka 'long'); cast to an unsigned type to negate this
    value to itself
    
    Found using libfuzzer
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    
    GH: #1908
    (cherry picked from commit e80f3b6af295133107ac709329eee16ccf9af61c)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/a_int.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 36248df..833322e 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -289,7 +289,7 @@ static int asn1_get_int64(int64_t *pr, const unsigned char *b, size_t blen,
             ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_SMALL);
             return 0;
         }
-        *pr = -(int64_t)r;
+        *pr = -(uint64_t)r;
     } else {
         if (r > INT64_MAX) {
             ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_LARGE);


More information about the openssl-commits mailing list