From: Kazuki Yamaguchi <k@rhe.jp>
Date: Sat, 25 Jan 2025 08:31:16 +0000 (+0900)
Subject: Fix pretty-printing empty serial number in ossl_serial_number_print()
X-Git-Tag: openssl-3.5.0-alpha1~672
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6f1dbaf7d2a5de5656ff243e5c570bc8da0ad423;p=thirdparty%2Fopenssl.git

Fix pretty-printing empty serial number in ossl_serial_number_print()

Fix a crash when the ASN1_INTEGER has empty content. While it is
illegal, this is the initial state of the serialNumber field when an
X509 object is allocated by X509_new(). X509_print*() should be able to
process an incomplete X509 object too.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26557)
---

diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c
index 71f9e33c217..9ec7de2dead 100644
--- a/crypto/x509/t_x509.c
+++ b/crypto/x509/t_x509.c
@@ -515,6 +515,12 @@ int ossl_serial_number_print(BIO *out, const ASN1_INTEGER *bs, int indent)
     unsigned long ul;
     const char *neg;
 
+    if (bs->length == 0) {
+        if (BIO_puts(out, " (Empty)") <= 0)
+            return -1;
+        return 0;
+    }
+
     if (bs->length <= (int)sizeof(long)) {
         ERR_set_mark();
         l = ASN1_INTEGER_get(bs);