Add params precondition in ASN1_STRING_TABLE_add, ASN1_STRING_TABLE_get

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27707)

diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c
index 6b2288f1ede2cbbe539600baff5ba5c65de960e3..14b57ac5a9b1631734dc7e0b8f7105daf7adfd7b 100644 (file)
--- a/crypto/asn1/a_strnid.c
+++ b/crypto/asn1/a_strnid.c
@@ -129,6 +129,11 @@ ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
     int idx;
     ASN1_STRING_TABLE fnd;
 
+    if (nid <= 0) {
+        ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_INVALID_ARGUMENT);
+        return NULL;
+    }
+
 #ifndef OPENSSL_NO_AUTOLOAD_CONFIG
     /* "stable" can be impacted by config, so load the config file first */
     OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL);
@@ -190,6 +195,11 @@ int ASN1_STRING_TABLE_add(int nid,
 {
     ASN1_STRING_TABLE *tmp;
 
+    if (nid <= 0 || (minsize >= 0 && maxsize >= 0 && minsize > maxsize)) {
+        ERR_raise(ERR_LIB_ASN1, ERR_R_PASSED_INVALID_ARGUMENT);
+        return 0;
+    }
+
     tmp = stable_get(nid);
     if (tmp == NULL) {
         ERR_raise(ERR_LIB_ASN1, ERR_R_ASN1_LIB);