From: Joseph Paul <joseph.paul@soti.net>
Date: Tue, 10 Mar 2026 13:00:49 +0000 (+0530)
Subject: ossl_bsearch: Fix possible integer overflow bug
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3c0dae181dbdac0e632f7fc8376eddd079e134d6;p=thirdparty%2Fopenssl.git

ossl_bsearch: Fix possible integer overflow bug

Adding the high and low limits might cause the classic binary
search overflow bug. Probably not a concern but its one less
thing to worry about.

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
MergeDate: Fri Mar 13 08:35:30 2026
(Merged from https://github.com/openssl/openssl/pull/30342)
---

diff --git a/crypto/bsearch.c b/crypto/bsearch.c
index f1f1aaf5e8f..201bc6e5f3e 100644
--- a/crypto/bsearch.c
+++ b/crypto/bsearch.c
@@ -25,7 +25,7 @@ const void *ossl_bsearch(const void *key, const void *base, int num,
     l = 0;
     h = num;
     while (l < h) {
-        i = (l + h) / 2;
+        i = l + (h - l) / 2;
         p = &(base_[i * size]);
         if (cmp_thunk != NULL)
             c = cmp_thunk((cmpthunk_fn)cmp, key, (const void *)p);