[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Richard Levitte levitte at openssl.org
Mon Mar 20 21:11:06 UTC 2017 

The branch OpenSSL_1_0_2-stable has been updated
       via  2e5adeb2904dd68780fb154dbeb6e3efafb418bb (commit)
       via  9abe889702bdc73f9490f611f54bf9c865702554 (commit)
       via  e5afec1831248c767be7c5844a88535dabecc01a (commit)
       via  2cbd4d98673d99cd7cb10715656b6d3727342e77 (commit)
      from  e6c53b0ced916633c8038736fde5613bf5b3e0dc (commit)


- Log -----------------------------------------------------------------
commit 2e5adeb2904dd68780fb154dbeb6e3efafb418bb
Author: Richard Levitte <levitte at openssl.org>
Date:   Mon Mar 20 21:31:02 2017 +0100

    Fix decoding of ASN.1 LONG and ZLONG items
    
    LONG and ZLONG items (which are OpenSSL private special cases of
    ASN1_INTEGER) are encoded into DER with padding if the leading octet
    has the high bit set, where the padding can be 0x00 (for positive
    numbers) or 0xff (for negative ones).
    
    When decoding DER to LONG or ZLONG, the padding wasn't taken in
    account at all, which means that if the encoded size with padding
    is one byte more than the size of long, decoding fails.  This change
    fixes that issue.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/3000)
    (cherry picked from commit ca2045dc545ba4afe8abbe29d0316ee3d36da7df)

commit 9abe889702bdc73f9490f611f54bf9c865702554
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Sun Jan 15 12:33:45 2017 +0100

    Fix VC warnings about unary minus to an unsigned type.
    
    Reviewed-by: Andy Polyakov <appro at openssl.org>
    GH: #2230
    (partial cherry pick from commit 68d4bcfd0651c7ea5d37ca52abc0d2e6e6b3bd20)

commit e5afec1831248c767be7c5844a88535dabecc01a
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Sun Jul 17 15:28:09 2016 +0200

    Cast to an unsigned type before negating
    
    llvm's ubsan reported:
    runtime error: negation of -9223372036854775808 cannot be represented in type
    'long'; cast to an unsigned type to negate this value to itself
    
    Found using afl
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    GH: #1325
    (cherry picked from commit 1618679ac478c8f41fc5f320fb4d8a33883b3868)

commit 2cbd4d98673d99cd7cb10715656b6d3727342e77
Author: Kurt Roeckx <kurt at roeckx.be>
Date:   Thu Jun 23 09:37:51 2016 +0200

    Avoid signed overflow
    
    Found by afl
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    
    MR: #3013
    (cherry picked from commit 5bea15ebb359c91a1bb7569620ead14bb71cfb81)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/x_long.c | 38 ++++++++++++++++++++++++++++++--------
 crypto/bio/b_print.c |  2 +-
 2 files changed, 31 insertions(+), 9 deletions(-)

diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
index 3aed44a..aecb950 100644
--- a/crypto/asn1/x_long.c
+++ b/crypto/asn1/x_long.c
@@ -126,7 +126,7 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
      * set.
      */
     if (ltmp < 0)
-        utmp = -ltmp - 1;
+        utmp = 0 - (unsigned long)ltmp - 1;
     else
         utmp = ltmp;
     clen = BN_num_bits_word(utmp);
@@ -155,19 +155,41 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
 static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                     int utype, char *free_cont, const ASN1_ITEM *it)
 {
-    int neg, i;
+    int neg = -1, i;
     long ltmp;
     unsigned long utmp = 0;
     char *cp = (char *)pval;
+
+    if (len) {
+        /*
+         * Check possible pad byte.  Worst case, we're skipping past actual
+         * content, but since that's only with 0x00 and 0xff and we set neg
+         * accordingly, the result will be correct in the end anyway.
+         */
+        switch (cont[0]) {
+        case 0xff:
+            cont++;
+            len--;
+            neg = 1;
+            break;
+        case 0:
+            cont++;
+            len--;
+            neg = 0;
+            break;
+        }
+    }
     if (len > (int)sizeof(long)) {
         ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
         return 0;
     }
-    /* Is it negative? */
-    if (len && (cont[0] & 0x80))
-        neg = 1;
-    else
-        neg = 0;
+    if (neg == -1) {
+        /* Is it negative? */
+        if (len && (cont[0] & 0x80))
+            neg = 1;
+        else
+            neg = 0;
+    }
     utmp = 0;
     for (i = 0; i < len; i++) {
         utmp <<= 8;
@@ -178,8 +200,8 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
     }
     ltmp = (long)utmp;
     if (neg) {
-        ltmp++;
         ltmp = -ltmp;
+        ltmp--;
     }
     if (ltmp == it->size) {
         ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 987fe06..eb3ab75 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -502,7 +502,7 @@ fmtint(char **sbuffer,
     if (!(flags & DP_F_UNSIGNED)) {
         if (value < 0) {
             signvalue = '-';
-            uvalue = -value;
+            uvalue = -(unsigned LLONG)value;
         } else if (flags & DP_F_PLUS)
             signvalue = '+';
         else if (flags & DP_F_SPACE)

More information about the openssl-commits mailing list