Commit 376dc4e0 authored by Matt Caswell's avatar Matt Caswell
Browse files

Reject decoding of an INT64 with a value >INT64_MAX 



Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3159)
(cherry picked from commit 0856e3f1)
parent a504540f

crypto/asn1/x_int64.c

+5 −0
Original line number Diff line number Diff line
@@ -71,6 +71,11 @@ static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, 
        ASN1err(ASN1_F_UINT64_C2I, ASN1_R_ILLEGAL_NEGATIVE_VALUE);

        return 0;

    }

    if ((it->size & INTxx_FLAG_SIGNED) == INTxx_FLAG_SIGNED

            && !neg && utmp > INT64_MAX) {

        ASN1err(ASN1_F_UINT64_C2I, ASN1_R_TOO_LARGE);

        return 0;

    }

    memcpy(cp, &utmp, sizeof(utmp));

    return 1;

}