diff options
author | Kurt Roeckx <kurt@roeckx.be> | 2017-01-14 16:10:25 +0100 |
---|---|---|
committer | Kurt Roeckx <kurt@roeckx.be> | 2017-01-15 22:21:08 +0100 |
commit | c2ce477f1f3c0a98802fb087b0cf4b0a99ea2b1d (patch) | |
tree | dacb484ee7cb72a3d0299cd1f310a61cfa068344 /crypto/x509 | |
parent | 68d4bcfd0651c7ea5d37ca52abc0d2e6e6b3bd20 (diff) |
Fix undefined behaviour when printing the X509 and CRL version
Found by oss-fuzz
Reviewed-by: Andy Polyakov <appro@openssl.org>
GH: #2231
Diffstat (limited to 'crypto/x509')
-rw-r--r-- | crypto/x509/t_crl.c | 5 | ||||
-rw-r--r-- | crypto/x509/t_req.c | 9 |
2 files changed, 11 insertions, 3 deletions
diff --git a/crypto/x509/t_crl.c b/crypto/x509/t_crl.c index de0320d075..f3ca6db8e5 100644 --- a/crypto/x509/t_crl.c +++ b/crypto/x509/t_crl.c @@ -44,7 +44,10 @@ int X509_CRL_print(BIO *out, X509_CRL *x) BIO_printf(out, "Certificate Revocation List (CRL):\n"); l = X509_CRL_get_version(x); - BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l); + if (l >= 0 && l <= 1) + BIO_printf(out, "%8sVersion %ld (0x%lx)\n", "", l + 1, (unsigned long)l); + else + BIO_printf(out, "%8sVersion unknown (%ld)\n", "", l); X509_CRL_get0_signature(x, &sig, &sig_alg); X509_signature_print(out, sig_alg, NULL); p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0); diff --git a/crypto/x509/t_req.c b/crypto/x509/t_req.c index 0fced677dd..77ce810835 100644 --- a/crypto/x509/t_req.c +++ b/crypto/x509/t_req.c @@ -60,8 +60,13 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, } if (!(cflag & X509_FLAG_NO_VERSION)) { l = X509_REQ_get_version(x); - if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "", l + 1, l) <= 0) - goto err; + if (l >= 0 && l <= 2) { + if (BIO_printf(bp, "%8sVersion: %ld (0x%lx)\n", "", l + 1, (unsigned long)l) <= 0) + goto err; + } else { + if (BIO_printf(bp, "%8sVersion: Unknown (%ld)\n", "", l) <= 0) + goto err; + } } if (!(cflag & X509_FLAG_NO_SUBJECT)) { if (BIO_printf(bp, " Subject:%c", mlch) <= 0) |