From 959c447e5628f55d9e93b4d5507dd06951d6b4c1 Mon Sep 17 00:00:00 2001 From: bluhm Date: Thu, 30 Mar 2023 17:20:53 +0000 Subject: [PATCH] i2d_ECDSA_SIG() may return a negative value in case of error. Do no use this as length in iked(8) _dsa_verify_prepare(). OK tobhe@ tb@ --- sbin/iked/crypto.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/sbin/iked/crypto.c b/sbin/iked/crypto.c index 50ee2757197..f1a66143f2f 100644 --- a/sbin/iked/crypto.c +++ b/sbin/iked/crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto.c,v 1.41 2022/11/30 12:42:24 tb Exp $ */ +/* $OpenBSD: crypto.c,v 1.42 2023/03/30 17:20:53 bluhm Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -1120,7 +1120,8 @@ _dsa_verify_prepare(struct iked_dsa *dsa, uint8_t **sigp, size_t *lenp, { ECDSA_SIG *obj = NULL; uint8_t *ptr = NULL; - size_t bnlen, len, off; + size_t bnlen, off; + ssize_t len; int ret = -1; BIGNUM *r = NULL, *s = NULL; @@ -1156,7 +1157,7 @@ _dsa_verify_prepare(struct iked_dsa *dsa, uint8_t **sigp, size_t *lenp, (r = BN_bin2bn(*sigp, bnlen, NULL)) == NULL || (s = BN_bin2bn(*sigp+bnlen, bnlen, NULL)) == NULL || ECDSA_SIG_set0(obj, r, s) == 0 || - (len = i2d_ECDSA_SIG(obj, &ptr)) == 0) + (len = i2d_ECDSA_SIG(obj, &ptr)) <= 0) goto done; r = s = NULL; *lenp = len; -- 2.20.1