]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: af006a0)
ossl_bsearch: Fix possible integer overflow bug
authorJoseph Paul <joseph.paul@soti.net>
Tue, 10 Mar 2026 13:00:49 +0000 (18:30 +0530)
committerNorbert Pocs <norbertp@openssl.org>
Fri, 13 Mar 2026 08:35:23 +0000 (09:35 +0100)
Adding the high and low limits might cause the classic binary
search overflow bug. Probably not a concern but its one less
thing to worry about.

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Fri Mar 13 08:35:30 2026
(Merged from https://github.com/openssl/openssl/pull/30342)

crypto/bsearch.c patch | blob | blame | history

diff --git a/crypto/bsearch.c b/crypto/bsearch.c
index f1f1aaf5e8f783141d778a2bbc049a2c76eb294e..201bc6e5f3e278dfd73e6dad2bfaeb57c9837ce2 100644 (file)
--- a/crypto/bsearch.c
+++ b/crypto/bsearch.c
@@ -25,7 +25,7 @@ const void *ossl_bsearch(const void *key, const void *base, int num,
     l = 0;
     h = num;
     while (l < h) {
-        i = (l + h) / 2;
+        i = l + (h - l) / 2;
         p = &(base_[i * size]);
         if (cmp_thunk != NULL)
             c = cmp_thunk((cmpthunk_fn)cmp, key, (const void *)p);
Mirror of https://github.com/openssl/openssl.git