From 82ff31d3e78413677023ac04a4a5ff94f2371a24 Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Mon, 2 Apr 2018 09:13:49 +0200
Subject: Fix range checks with -offset and -length in asn1parse

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)

(cherry picked from commit 16e1eea6a67c85c9d786f3c4448182b1aca101b8)
---
 apps/asn1pars.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'apps')

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 55ecd7cab0..6e7ed289d5 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -327,14 +327,14 @@ int MAIN(int argc, char **argv)
         num = tmplen;
     }
 
-    if (offset >= num) {
+    if (offset < 0 || offset >= num) {
         BIO_printf(bio_err, "Error: offset too large\n");
         goto end;
     }
 
     num -= offset;
 
-    if ((length == 0) || ((long)length > num))
+    if (length == 0 || length > (unsigned int)num)
         length = (unsigned int)num;
     if (derout) {
         if (BIO_write(derout, str + offset, length) != (int)length) {
-- 
cgit v1.2.3