Skip to content

Commit

Permalink
Fix incomplete error check on ASN1_item_i2d()
Browse files Browse the repository at this point in the history 
According to the documentation and my analysis tool
ASN1_item_i2d() can return a negative value on error,
but this is not checked. Fix it by changing the error check condition.

CLA: trivial

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from #20251)
  • Loading branch information
@nielsdos @paulidale
nielsdos authored and paulidale committed Feb 28, 2023
1 parent 7066c57 commit 5df5032
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion crypto/asn1/asn_pack.c
View file
Expand Up @@ -28,7 +28,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)

ASN1_STRING_set0(octmp, NULL, 0);

if ((octmp->length = ASN1_item_i2d(obj, &octmp->data, it)) == 0) {
if ((octmp->length = ASN1_item_i2d(obj, &octmp->data, it)) <= 0) {
ERR_raise(ERR_LIB_ASN1, ASN1_R_ENCODE_ERROR);
goto err;
}
Expand Down

0 comments on commit 5df5032

Please sign in to comment.