git.ipfire.org Git - thirdparty/openssl.git/commit
apps/enc.c: avoid signed integer overflow on bufsize assignment
author: Eugene Syromiatnikov <esyr@openssl.org>
Mon, 1 Sep 2025 12:05:33 +0000 (14:05 +0200)
committer: Neil Horman <nhorman@openssl.org>
Sat, 6 Sep 2025 14:18:19 +0000 (10:18 -0400)
commit: d51cf71869f39a68d44ab4bde077913c9f9295b3
tree: 3cece159ba6b570de167d215ecc643a3d326314b
parent: c87359d22f5e92964976a91b17bda68b131b4ecc
apps/enc.c: avoid signed integer overflow on bufsize assignment

The calculated option value, while being long-typed, is not checked
for fitting into int-sized bufsize.  Avoid overflow by throwing error
if it is bigger than INT_MAX and document that behaviour.

Fixes: 7e1b7485706c "Big apps cleanup (option-parsing, etc)"
Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665149
References: https://github.com/openssl/project/issues/1362
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28408)

(cherry picked from commit 98cb959999e4db9be524a972dccaf6b0c8167431)
apps/enc.c
doc/man1/openssl-enc.pod.in
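
The pattern the commit message describes, as an added example that is not code from apps/enc.c or from the OpenSSL project: a long-typed option value is range-checked against INT_MAX before it is narrowed into an int-sized buffer size. The function names, the sample arguments, and the rejection of zero and negative sizes are assumptions of this example.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* "Before" pattern: the long result is narrowed to int with no range check.
 * Where long is wider than int, a value above INT_MAX does not survive the
 * conversion (the result is implementation-defined, typically truncated). */
static int bufsize_unchecked(const char *arg)
{
    return (int)strtol(arg, NULL, 10);
}

/* Hardened pattern: validate in the wide type, then narrow.
 * Returns 0 and stores the size in *out, or -1 if arg is not a positive
 * decimal number that fits in int (positivity is this example's assumption). */
static int bufsize_checked(const char *arg, int *out)
{
    char *end;
    long n;

    errno = 0;
    n = strtol(arg, &end, 10);
    if (end == arg || *end != '\0')   /* empty input or trailing junk */
        return -1;
    if (errno == ERANGE)              /* does not even fit in long */
        return -1;
    if (n <= 0 || n > INT_MAX)        /* does not fit in an int bufsize */
        return -1;
    *out = (int)n;                    /* narrowing is now lossless */
    return 0;
}

int main(void)
{
    /* constructed sample arguments */
    const char *samples[] = { "8192", "2147483647", "2147483648", "4294967296" };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int size = 0;
        int rc = bufsize_checked(samples[i], &size);
        printf("%-11s unchecked=%d checked=%s (%d)\n", samples[i],
               bufsize_unchecked(samples[i]), rc == 0 ? "ok" : "rejected", size);
    }
    return 0;
}
```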