From: Eugene Syromiatnikov Date: Mon, 15 Sep 2025 03:14:09 +0000 (+0200) Subject: apps/storeutl.c: avoid signed integer overflow in indent_printf() X-Git-Tag: openssl-3.4.3~11 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=61422fd7e084e63f050ceabf1b0debff801f10ab;p=thirdparty%2Fopenssl.git apps/storeutl.c: avoid signed integer overflow in indent_printf() As two arbitrarily large printf return values can trigger signed integer overflow, rewrite the return value handling to avoid it. Fixes: fb43ddceda79 "Add a recursive option to 'openssl storeutl'" Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665428 References: https://github.com/openssl/project/issues/1432 Signed-off-by: Eugene Syromiatnikov Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/28648)
---
diff --git a/apps/storeutl.c b/apps/storeutl.c
index 1594a9bb756..afa4f47b81b 100644
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -334,14 +334,22 @@ int storeutl_main(int argc, char *argv[])
 static int indent_printf(int indent, BIO *bio, const char *format, ...)
 {
 va_list args;
- int ret;
+ int ret, vret;
+
+ ret = BIO_printf(bio, "%*s", indent, "");
+ if (ret < 0)
+ return ret;
 
 va_start(args, format);
+ vret = BIO_vprintf(bio, format, args);
+ va_end(args);
 
- ret = BIO_printf(bio, "%*s", indent, "") + BIO_vprintf(bio, format, args);
+ if (vret < 0)
+ return vret;
+ if (vret > INT_MAX - ret)
+ return INT_MAX;
 
- va_end(args);
- return ret;
+ return ret + vret;
 }
 
 static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
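Review bot: The saturating branch `if (vret > INT_MAX - ret) return INT_MAX;` returns a value smaller than the number of bytes actually written, which is the right trade against undefined behaviour but is surprising for a printf-style function and deserves a comment, e.g. `/* Saturate instead of overflowing; an exact count is not relied on here */` — hedged, since the callers of indent_printf are outside this hunk. `INT_MAX` is used with no `#include <limits.h>` visible in the diff; if apps/storeutl.c only receives it transitively through the OpenSSL headers, an explicit include would make the dependency robust against header reshuffles. The new early return after the indent write means a failing `BIO_printf(bio, "%*s", indent, "")` now also suppresses the formatted text, whereas the old code attempted both writes unconditionally; that is a small behavioural change worth a line in the commit message.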