[openssl] OpenSSL_1_1_1-stable update

kaduk at mit.edu kaduk at mit.edu
Fri Feb 26 23:47:16 UTC 2021


The branch OpenSSL_1_1_1-stable has been updated
       via  a88ea7dfdfba2c34bd575076f12f06d80dd2c0c2 (commit)
      from  3a6e6b1f94ae41e2fd73483464c9c80ddcf30d17 (commit)


- Log -----------------------------------------------------------------
commit a88ea7dfdfba2c34bd575076f12f06d80dd2c0c2
Author: Benjamin Kaduk <bkaduk at akamai.com>
Date:   Wed Feb 24 13:38:25 2021 -0800

    Check ASN1_item_ndef_i2d() return value.
    
    Return an error instead of trying to malloc a negative number.
    The other usage in this file already had a similar check, and the caller
    should have put an entry on the error stack already.
    
    Note that we only check the initial calls to obtain the encoded length,
    and assume that the follow-up call to actually encode to the allocated
    storage will succeed if the first one did.
    
    Fixes: #14177
    
    Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/14308)
    
    (cherry picked from commit 90b4247cc5dca58cee9da5f6975bb38fd200100a)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/bio_ndef.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c
index 6222c99074..5642262719 100644
--- a/crypto/asn1/bio_ndef.c
+++ b/crypto/asn1/bio_ndef.c
@@ -113,6 +113,8 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
     ndef_aux = *(NDEF_SUPPORT **)parg;
 
     derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
+    if (derlen < 0)
+        return 0;
     if ((p = OPENSSL_malloc(derlen)) == NULL) {
         ASN1err(ASN1_F_NDEF_PREFIX, ERR_R_MALLOC_FAILURE);
         return 0;
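
Review bot: The new "if (derlen < 0) return 0;" after the length-only ASN1_item_ndef_i2d() call returns without raising anything itself, unlike the malloc-failure branch directly below it, which calls ASN1err(). The commit message explains that the callee should already have put an entry on the error stack, but the code does not say so; a one-line comment above the check stating that assumption would keep a later reader from treating the silent return as an oversight. The check also lets derlen == 0 fall through to OPENSSL_malloc(derlen), so if a zero length is possible here it is worth deciding explicitly whether it should take this early return or the allocation path.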

