Prevent 1-byte out-of-bounds read in i2c_ASN1_BIT_STRING
author: tb <tb@openbsd.org>
Fri, 13 Jan 2023 14:46:08 +0000 (14:46 +0000)
committer: tb <tb@openbsd.org>
Fri, 13 Jan 2023 14:46:08 +0000 (14:46 +0000)
If an ASN.1 BIT STRING a of length > 0 contains only zero bytes in a->data,
this old code would end up reading from a->data[-1]. This may or may not
crash. Luckily, anton observed two openssl-ruby regress test failures in
the last few days, which could eventually be traced back to this (after a
lot of painful digging due to coredumps not working properly).

ok jsing

lib/libcrypto/asn1/a_bitstr.c

index a4a379a..7670551 100644
@@ -1,4 +1,4 @@
-/* $OpenBSD: a_bitstr.c,v 1.37 2022/11/08 16:48:28 tb Exp $ */
+/* $OpenBSD: a_bitstr.c,v 1.38 2023/01/13 14:46:08 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -255,11 +255,13 @@ i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
                if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) {
                        bits = (int)a->flags & 0x07;
                } else {
+                       j = 0;
                        for (; len > 0; len--) {
                                if (a->data[len - 1])
                                        break;
                        }
-                       j = a->data[len - 1];
+                       if (len > 0)
+                               j = a->data[len - 1];
                        if (j & 0x01)
                                bits = 0;
                        else if (j & 0x02)
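Review bot: the `if (len > 0)` guard around `j = a->data[len - 1]` closes the out-of-bounds read, but the new `len == 0` path leaves `j == 0`, so the `if (j & 0x01) ... else if (j & 0x02) ...` chain that follows falls through every visible branch to whatever its final `else` assigns, which is outside this hunk; please confirm that final branch sets `bits` to 0, since an all-zero BIT STRING stripped to zero content bytes should encode with zero unused bits. Moving `j = 0;` to sit directly above the new `if (len > 0)` check, or adding a one-line comment such as `/* all bytes were zero: nothing left to inspect */`, would make it obvious that the initialisation exists for the all-zero case rather than for the loop. Since the commit message notes this was only caught by the openssl-ruby regress suite, a direct regress case in lib/libcrypto that encodes an all-zero BIT STRING without ASN1_STRING_FLAG_BITS_LEFT would pin the fix down.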