Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

a1int::getLong() doesn't handle all error cases #351

Closed
melg8 opened this issue Apr 9, 2022 · 0 comments
Closed

a1int::getLong() doesn't handle all error cases #351

melg8 opened this issue Apr 9, 2022 · 0 comments

Comments

@melg8
Copy link
Contributor

melg8 commented Apr 9, 2022

In this method:

xca/lib/asn1int.cpp

Lines 152 to 157 in 3e858c8

long a1int::getLong() const
{
long l = ASN1_INTEGER_get(in);
openssl_error();
return l;
}

openssl_error handles errors through ERR_get_error.
So openssl should set error inside of method.

But implementation of function ASN1_INTEGER_get in openssl (in 1.1.1 and 3.0)
have additional error case:

    if (r > LONG_MAX || r < LONG_MIN)
        return -1;

This error case is reported only by returning -1 value, and can't be detected through ERR_get_error mechanism.

So, in case of a1int containing value, larger/smaller than max/min value which can fit into long type - it will return -1 value, and this -1 value will be propagated as valid value inside of code using getLong() method.
chris2511 added a commit that referenced this issue Aug 30, 2024
@chris2511
Close #351: a1int::getLong() doesn't handle all error cases
1684593 
Check for LONG_MAX and LONG_MIN and throw an error if the returned value
is too big.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@melg8