diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-03-04 18:04:46 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-03-07 15:14:18 +0000 |
commit | 01c32b5e448f6d42a23ff16bdc6bb0605287fa6f (patch) | |
tree | 9378bfbc599ab39fdeceb3289fa0d226f71ad519 /crypto/asn1 | |
parent | bd34ecbae008f23f9d64375ef766148e23084ccf (diff) |
Don't shift serial number into sign bit
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/t_x509.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 8aab55130c..8888396f84 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -140,7 +140,8 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, goto err; bs = X509_get_serialNumber(x); - if (bs->length <= (int)sizeof(long)) { + if (bs->length < (int)sizeof(long) + || (bs->length == sizeof(long) && (bs->data[0] & 0x80) == 0)) { l = ASN1_INTEGER_get(bs); if (bs->type == V_ASN1_NEG_INTEGER) { l = -l; |