[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Tue Apr 11 20:08:50 UTC 2017
The branch master has been updated
via 429223d198aabacd129cf6dde5a4203b5af41737 (commit)
via afd7cae2713e407bce5cd7bbc47fcf9c1d7c3862 (commit)
from fe55c4a20f79c77c64a082c5df2c5e8a61317162 (commit)
- Log -----------------------------------------------------------------
commit 429223d198aabacd129cf6dde5a4203b5af41737
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Apr 10 22:01:05 2017 +0200
Fix x_int64.c
Clearing a misunderstanding. The routines c2i_uint64_int() and
i2c_uint64_int() expect to receive that internal values are absolute
and with a separate sign flag, and the x_int64.c code handles values
that aren't absolute and have the sign bit embedded. We therefore
need to convert between absolute and non-absolute values for the
encoding of negative values to be correct.
[extended tests]
Reviewed-by: Andy Polyakov <appro at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3160)
commit afd7cae2713e407bce5cd7bbc47fcf9c1d7c3862
Author: Richard Levitte <levitte at openssl.org>
Date: Mon Apr 10 21:50:25 2017 +0200
Fix int64 test of t_4bytes_4_neg
{ 0x80, 0x00, 0x00, 0x00 } decoded isn't (positive) 0x80000000,
it's (negative) INT32_MIN.
Reviewed-by: Andy Polyakov <appro at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3160)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/x_int64.c | 39 +++++++++++++++++++++++++++++++--------
test/asn1_encode_test.c | 5 +++--
2 files changed, 34 insertions(+), 10 deletions(-)
diff --git a/crypto/asn1/x_int64.c b/crypto/asn1/x_int64.c
index 33e4061..63a3277 100644
--- a/crypto/asn1/x_int64.c
+++ b/crypto/asn1/x_int64.c
@@ -52,8 +52,11 @@ static int uint64_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
&& utmp == 0)
return -1;
if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
- && (int64_t)utmp < 0)
+ && (int64_t)utmp < 0) {
+ /* i2c_uint64_int() assumes positive values */
+ utmp = 0 - utmp;
neg = 1;
+ }
return i2c_uint64_int(cont, utmp, neg);
}
@@ -76,6 +79,9 @@ static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
ASN1err(ASN1_F_UINT64_C2I, ASN1_R_TOO_LARGE);
return 0;
}
+ if (neg)
+ /* c2i_uint64_int() returns positive values */
+ utmp = 0 - utmp;
memcpy(cp, &utmp, sizeof(utmp));
return 1;
}
@@ -116,12 +122,22 @@ static int uint32_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
&& utmp == 0)
return -1;
if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
- && (int32_t)utmp < 0)
+ && (int32_t)utmp < 0) {
+ /* i2c_uint64_int() assumes positive values */
+ utmp = 0 - utmp;
neg = 1;
+ }
return i2c_uint64_int(cont, (uint64_t)utmp, neg);
}
+/*
+ * Absolute value of INT32_MIN: we can't just use -INT32_MIN as it produces
+ * overflow warnings.
+ */
+
+#define ABS_INT32_MIN ((uint32_t)INT32_MAX + 1)
+
static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
@@ -136,13 +152,20 @@ static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
ASN1err(ASN1_F_UINT32_C2I, ASN1_R_ILLEGAL_NEGATIVE_VALUE);
return 0;
}
- utmp2 = (uint32_t)utmp;
- if (utmp != utmp2
- || ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED
- && !neg && utmp2 > INT32_MAX)) {
- ASN1err(ASN1_F_UINT32_C2I, ASN1_R_TOO_LARGE);
- return 0;
+ if (neg) {
+ if (utmp > ABS_INT32_MIN) {
+ ASN1err(ASN1_F_UINT32_C2I, ASN1_R_TOO_SMALL);
+ return 0;
+ }
+ utmp = 0 - utmp;
+ } else {
+ if (((it->size & INTxx_FLAG_SIGNED) != 0 && utmp > INT32_MAX)
+ || ((it->size & INTxx_FLAG_SIGNED) == 0 && utmp > UINT32_MAX)) {
+ ASN1err(ASN1_F_UINT32_C2I, ASN1_R_TOO_LARGE);
+ return 0;
+ }
}
+ utmp2 = (uint32_t)utmp;
memcpy(cp, &utmp2, sizeof(utmp2));
return 1;
}
diff --git a/test/asn1_encode_test.c b/test/asn1_encode_test.c
index 45e3005..36cf7f9 100644
--- a/test/asn1_encode_test.c
+++ b/test/asn1_encode_test.c
@@ -381,7 +381,7 @@ static ASN1_INT64_DATA int64_expected[] = {
CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_1 */
CUSTOM_EXPECTED_SUCCESS(INT32_MAX - 1, INT32_MAX -1), /* t_4bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_3_pad (illegal padding) */
- CUSTOM_EXPECTED_SUCCESS(0x80000000, 0x80000000), /* t_4bytes_4_neg */
+ CUSTOM_EXPECTED_SUCCESS(INT32_MIN, INT32_MIN), /* t_4bytes_4_neg */
CUSTOM_EXPECTED_FAILURE, /* t_4bytes_5_negpad (illegal padding) */
};
static ASN1_INT64_DATA int64_encdec_data[] = {
@@ -419,7 +419,8 @@ static ASN1_UINT64_DATA uint64_expected[] = {
CUSTOM_EXPECTED_SUCCESS(ASN1_LONG_UNDEF, ASN1_LONG_UNDEF), /* t_zero */
CUSTOM_EXPECTED_SUCCESS(1, 1), /* t_one */
CUSTOM_EXPECTED_FAILURE, /* t_9bytes_1 */
- CUSTOM_EXPECTED_SUCCESS(INT64_MIN, INT64_MIN), /* t_8bytes_1 */
+ CUSTOM_EXPECTED_SUCCESS((uint64_t)INT64_MAX+1, (uint64_t)INT64_MAX+1),
+ /* t_8bytes_1 */
CUSTOM_EXPECTED_SUCCESS(INT64_MAX, INT64_MAX), /* t_8bytes_2 */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_3_pad */
CUSTOM_EXPECTED_FAILURE, /* t_8bytes_4_neg */
More information about the openssl-commits
mailing list