Skip to content

/ openssl

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check ASN1_item_ndef_i2d() return value. #14308

Closed
wants to merge 1 commit into from
Closed

Check ASN1_item_ndef_i2d() return value. #14308

wants to merge 1 commit into from

Conversation

@kaduk
Copy link
Contributor

@kaduk kaduk commented Feb 24, 2021

Return an error instead of trying to malloc a negative number.
The other usage in this file already had a similar check, and the caller
should have put an entry on the error stack already.

Note that we only check the initial calls to obtain the encoded length,
and assume that the follow-up call to actually encode to the allocated
storage will succeed if the first one did.

Fixes: #14177
@kaduk
Check ASN1_item_ndef_i2d() return value.
Loading status checks…
69d0861 
Return an error instead of trying to malloc a negative number.
The other usage in this file already had a similar check, and the caller
should have put an entry on the error stack already.

Note that we only check the initial calls to obtain the encoded length,
and assume that the follow-up call to actually encode to the allocated
storage will succeed if the first one did.

Fixes: #14177
@kaduk kaduk added branch: master branch: 1.1.1 approval: otc review pending triaged: bug labels Feb 24, 2021
@slontis
slontis approved these changes Feb 25, 2021
View changes
Copy link
Contributor

@slontis slontis left a comment

Looks like a good idea to do this..
@slontis slontis added approval: done and removed approval: otc review pending labels Feb 25, 2021
@openssl-machine openssl-machine added approval: ready to merge and removed approval: done labels Feb 26, 2021
@openssl-machine
Copy link

@openssl-machine openssl-machine commented Feb 26, 2021

This pull request is ready to merge
openssl-machine pushed a commit that referenced this pull request Feb 26, 2021
@kaduk
Check ASN1_item_ndef_i2d() return value.
Loading status checks…
90b4247 
Return an error instead of trying to malloc a negative number.
The other usage in this file already had a similar check, and the caller
should have put an entry on the error stack already.

Note that we only check the initial calls to obtain the encoded length,
and assume that the follow-up call to actually encode to the allocated
storage will succeed if the first one did.

Fixes: #14177

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from #14308)
openssl-machine pushed a commit that referenced this pull request Feb 26, 2021
@kaduk
Check ASN1_item_ndef_i2d() return value.
Loading status checks…
a88ea7d 
Return an error instead of trying to malloc a negative number.
The other usage in this file already had a similar check, and the caller
should have put an entry on the error stack already.

Note that we only check the initial calls to obtain the encoded length,
and assume that the follow-up call to actually encode to the allocated
storage will succeed if the first one did.

Fixes: #14177

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from #14308)

(cherry picked from commit 90b4247)
@kaduk
Copy link
Contributor Author

@kaduk kaduk commented Feb 26, 2021

Merged to master and 1.1.1; closing.
@kaduk kaduk closed this Feb 26, 2021
@sthagen sthagen mentioned this pull request Feb 27, 2021
Merged
0 of 2 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slontis slontis

Assignees
No one assigned
Labels
approval: ready to merge branch: 1.1.1 branch: master triaged: bug
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

No check on return value of ASN1_item_ndef_i2d()
3 participants
@kaduk @openssl-machine @slontis