diff options
| author | Neil Horman <nhorman@openssl.org> | 2024-07-23 21:30:38 +0200 |
|---|---|---|
| committer | Neil Horman <nhorman@openssl.org> | 2024-07-25 20:23:39 +0200 |
| commit | 86fd4c1df91e58d316c863b5160d18c0f80dc6ac (patch) | |
| tree | a85110d97fc1d762d62010e8dc697bd87f307fa7 /crypto/asn1/a_object.c | |
| parent | Fix typo in mk-fipsmodule-cnf.pl (diff) | |
| download | openssl-86fd4c1df91e58d316c863b5160d18c0f80dc6ac.tar.xz openssl-86fd4c1df91e58d316c863b5160d18c0f80dc6ac.zip | |
Fix Coverity-1604641
Coverity flagged an overflow warning here that can occur if BIO_write
returns an error.
The overflow itself is a bit of a non-issue, but if BIO_write returns
< 0, then the return from i2a_ASN1_OBJECT will be some odd value
representing whatever the offset from the error code to the number of
bytes the dump may or may not have written (or some larger negative
error code if both fail.
So lets fix it. Only do the dump if the BIO_write call returned 0 or
greaater.
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
(Merged from https://github.com/openssl/openssl/pull/24976)
Diffstat (limited to '')
| -rw-r--r-- | crypto/asn1/a_object.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 73c69eacd2..2279379793 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -198,7 +198,8 @@ int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a) } if (i <= 0) { i = BIO_write(bp, "<INVALID>", 9); - i += BIO_dump(bp, (const char *)a->data, a->length); + if (i > 0) + i += BIO_dump(bp, (const char *)a->data, a->length); return i; } BIO_write(bp, p, i); |