From: Eugene Syromiatnikov Date: Mon, 1 Sep 2025 12:05:33 +0000 (+0200) Subject: apps/enc.c: avoid signed integer overflow on bufsize assignment X-Git-Tag: openssl-3.3.5~55 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ae23415ade445d8e0c96e4c98c44f4baaffb98cb;p=thirdparty%2Fopenssl.git apps/enc.c: avoid signed integer overflow on bufsize assignment The calculated option value, while being long-typed, is not checked for fitting into int-sized bufsize. Avoid overflow by throwing error if it is bigger than INT_MAX and document that behaviour. Fixes: 7e1b7485706c "Big apps cleanup (option-parsing, etc)" Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665149 References: https://github.com/openssl/project/issues/1362 Signed-off-by: Eugene Syromiatnikov Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/28407) (cherry picked from commit e8cfa4ef4a91311fd1188b3eee8bfc9c8d9e7695) --- diff --git a/apps/enc.c b/apps/enc.c index e7421ad896e..2b9985af0bd 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -252,6 +252,8 @@ int enc_main(int argc, char **argv) goto opthelp; if (k) n *= 1024; + if (n > INT_MAX) + goto opthelp; bsize = (int)n; break; case OPT_K: diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index 33fe72d282a..2e7c97a2ba4 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -194,6 +194,7 @@ or decryption. =item B<-bufsize> I Set the buffer size for I/O. +The maximum size that can be specified is B<2^31-1> (2147483647) bytes. =item B<-nopad>
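Review bot: In the apps/enc.c hunk, the new `if (n > INT_MAX)` test sits after `n *= 1024`, so it guards only the narrowing `(int)n` cast and not the multiplication. Whether the multiplication can overflow the long depends on the condition above the first `goto opthelp`, which falls outside the context shown here; please confirm it bounds `n` when `k` is set, or move the limit ahead of the multiply, for example by rejecting `n > INT_MAX / 1024` in the `k` case. On targets where long and int have the same width, `n > INT_MAX` can never be true, so there the earlier bound is the only protection. Separately, `goto opthelp` rejects the value without telling the user it was too large; a short message on the error stream before the jump would make the failure easier to diagnose.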
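Review bot: In the doc/man1/openssl-enc.pod.in hunk, the added sentence gives the limit but not what happens when it is exceeded, although the code change rejects the option with `goto opthelp`. Consider stating that a larger value is treated as an option error. The text also hard-codes `2^31-1` while the code tests `INT_MAX`; the two agree only where int is 32 bits wide, so wording such as "the maximum value of an int (typically 2147483647)" would keep the page accurate on every build. Since the code applies the check after the `k` multiplier, it is also worth saying that the limit applies to the resulting byte count and not to the number typed.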