From: Dr. David von Oheimb Date: Mon, 28 Jun 2021 10:17:25 +0000 (+0200) Subject: ossl_cmp_error_new(): Fix Coverity issue 1486534, and consequently also issues 148653... X-Git-Tag: openssl-3.0.0-beta2~159 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6eaf139f62001b958861f25c5cebc41c76c579bd;p=thirdparty%2Fopenssl.git ossl_cmp_error_new(): Fix Coverity issue 1486534, and consequently also issues 1486536 and 1486533 The issues are due to an integer overflow that may happen on '(ERR_SYSTEM_FLAG << 1)'. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/15938) --- diff --git a/crypto/cmp/cmp_msg.c b/crypto/cmp/cmp_msg.c index fe4b64d575c..4fef006933a 100644 --- a/crypto/cmp/cmp_msg.c +++ b/crypto/cmp/cmp_msg.c @@ -748,7 +748,8 @@ OSSL_CMP_MSG *ossl_cmp_error_new(OSSL_CMP_CTX *ctx, const OSSL_CMP_PKISI *si, goto err; if (!ASN1_INTEGER_set_int64(msg->body->value.error->errorCode, errorCode)) goto err; - if (errorCode > 0 && errorCode < (ERR_SYSTEM_FLAG << 1)) { + if (errorCode > 0 + && (uint64_t)errorCode < ((uint64_t)ERR_SYSTEM_FLAG << 1)) { lib = ERR_lib_error_string((unsigned long)errorCode); reason = ERR_reason_error_string((unsigned long)errorCode); }
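Review bot: the rewritten condition in ossl_cmp_error_new(), `(uint64_t)errorCode < ((uint64_t)ERR_SYSTEM_FLAG << 1)`, carries no comment saying why both operands are widened, so a later cleanup could drop the casts and bring back the overflow on `(ERR_SYSTEM_FLAG << 1)` that the commit message describes. I would add a one-line comment above the `if` stating that the shift has to be evaluated in 64 bits, and that the `(uint64_t)errorCode` cast is only sound because `errorCode > 0` is tested first, which keeps negative values from wrapping to large unsigned ones. Separately, the two calls inside the block still pass `(unsigned long)errorCode`; please confirm, in that comment or in the PR, that every value accepted by the new upper bound fits in `unsigned long` on targets where that type is 32 bits wide, since the comparison is now done in a wider type than the one the value is narrowed to afterwards.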