From: jsing Date: Sun, 28 Aug 2022 17:49:25 +0000 (+0000) Subject: Encode an ASN.1 INTEGER with NULL data to value of zero. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=0d1813d1fe3e2af50ce351381acf3bdce66fe01b;p=openbsd Encode an ASN.1 INTEGER with NULL data to value of zero. When an ASN1_INTEGER is created it has NULL data until a value is set - previously, an ASN1_INTEGER in this state encoded to an ASN.1 INTEGER with a value of 0, rather than being treated as an error. While code should really set values, the historical behaviour has not required this. Found the hard way by sthen@ with acme-client. ok tb@ --- diff --git a/lib/libcrypto/asn1/a_int.c b/lib/libcrypto/asn1/a_int.c index 6a24c5183c6..1f4778922dd 100644 --- a/lib/libcrypto/asn1/a_int.c +++ b/lib/libcrypto/asn1/a_int.c @@ -1,4 +1,4 @@ -/* $OpenBSD: a_int.c,v 1.45 2022/08/20 18:17:33 jsing Exp $ */ +/* $OpenBSD: a_int.c,v 1.46 2022/08/28 17:49:25 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -553,7 +553,9 @@ i2c_ASN1_INTEGER_cbb(ASN1_INTEGER *aint, CBB *cbb) CBS cbs; int ret = 0; - if (aint->data == NULL || aint->length < 0) + if (aint->length < 0) + goto err; + if (aint->data == NULL && aint->length != 0) goto err; if ((aint->type & ~V_ASN1_NEG) != V_ASN1_ENUMERATED &&