[openssl] master update

kaduk at mit.edu kaduk at mit.edu
Fri Feb 26 23:43:07 UTC 2021

The branch master has been updated
       via  90b4247cc5dca58cee9da5f6975bb38fd200100a (commit)
      from  d2ccfb9caa9f69d4980f8fe49a15a043c91b40c5 (commit)

- Log -----------------------------------------------------------------
commit 90b4247cc5dca58cee9da5f6975bb38fd200100a
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Wed Feb 24 13:38:25 2021 -0800

    Check ASN1_item_ndef_i2d() return value.
    Return an error instead of trying to malloc a negative number.
    The other usage in this file already had a similar check, and the caller
    should have put an entry on the error stack already.
    Note that we only check the initial calls to obtain the encoded length,
    and assume that the follow-up call to actually encode to the allocated
    storage will succeed if the first one did.
    Fixes: #14177
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/14308)


Summary of changes:
 crypto/asn1/bio_ndef.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c
index 87c22e897c..f1ad8d3e70 100644
--- a/crypto/asn1/bio_ndef.c
+++ b/crypto/asn1/bio_ndef.c
@@ -114,6 +114,8 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
     ndef_aux = *(NDEF_SUPPORT **)parg;
     derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+    if (derlen < 0)
+        return 0;
     if ((p = OPENSSL_malloc(derlen)) == NULL) {
         return 0;

More information about the openssl-commits mailing list