From d51cf71869f39a68d44ab4bde077913c9f9295b3 Mon Sep 17 00:00:00 2001 From: Eugene Syromiatnikov Date: Mon, 1 Sep 2025 14:05:33 +0200 Subject: [PATCH] apps/enc.c: avoid signed integer overflow on bufsize assignment The calculated option value, while being long-typed, is not checked for fitting into int-sized bufsize. Avoid overflow by throwing error if it is bigger than INT_MAX and document that behaviour. Fixes: 7e1b7485706c "Big apps cleanup (option-parsing, etc)" Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665149 References: https://github.com/openssl/project/issues/1362 Signed-off-by: Eugene Syromiatnikov Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/28408) (cherry picked from commit 98cb959999e4db9be524a972dccaf6b0c8167431) --- apps/enc.c | 2 ++ doc/man1/openssl-enc.pod.in | 1 + 2 files changed, 3 insertions(+) diff --git a/apps/enc.c b/apps/enc.c index c275046cf57..bda719b915d 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -234,6 +234,8 @@ int enc_main(int argc, char **argv) goto opthelp; if (k) n *= 1024; + if (n > INT_MAX) + goto opthelp; bsize = (int)n; break; case OPT_K: diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index a47e783e2d6..4612ab0a7ea 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -183,6 +183,7 @@ or decryption. =item B<-bufsize> I Set the buffer size for I/O. +The maximum size that can be specified is B<2^31-1> (2147483647) bytes. =item B<-nopad> -- 2.47.3
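Review bot: the new `if (n > INT_MAX) goto opthelp;` in the apps/enc.c hunk sits after `if (k) n *= 1024;`, so a sufficiently large `-bufsize` value with the `k` suffix can still overflow `n` (a `long`) in the multiplication before the range check runs, which is exactly the class of signed overflow the patch is meant to remove. Check the unscaled value first, e.g. `if (k) { if (n > INT_MAX / 1024) goto opthelp; n *= 1024; }` and keep the final `n > INT_MAX` test for the non-`k` path. The visible context shows no lower bound either, so confirm that negative values are rejected somewhere before `bsize = (int)n`. Finally, `goto opthelp` prints the full option help for what is a single out-of-range argument; a targeted `BIO_printf(bio_err, ...)` naming the limit would be friendlier to the user, and on targets where `long` is 32 bits the new comparison can never be true, which is harmless but worth a one-line comment.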
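Review bot: the sentence added in the doc/man1/openssl-enc.pod.in hunk states the 2^31-1 limit but not how it interacts with the `k` suffix that the code hunk scales by 1024: because the check runs after that multiplication, the largest accepted value with `k` is 2097151 (2097151 * 1024 = 2147482624; 2097152k already exceeds 2147483647). Suggest extending the line, e.g. "The maximum size that can be specified is B<2^31-1> (2147483647) bytes; this limit applies after the multiplication implied by the B<k> suffix." It would also help to state the failure mode, i.e. that an out-of-range value is treated as a usage error.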