From: Neil Horman <nhorman@openssl.org>
Date: Fri, 26 Jul 2024 15:01:05 +0000 (-0400)
Subject: limit bignums to 128 bytes
X-Git-Tag: openssl-3.1.7~25
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7fb2cc622993892a9d5ac564a902bd8bf8ae6936;p=thirdparty%2Fopenssl.git

limit bignums to 128 bytes

Keep us from spinning forever doing huge amounts of math in the fuzzer

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25013)

(cherry picked from commit f0768376e1639d12a328745ef69c90d584138074)
---

diff --git a/fuzz/bignum.c b/fuzz/bignum.c
index d7c3716aacb..783e9159770 100644
--- a/fuzz/bignum.c
+++ b/fuzz/bignum.c
@@ -52,11 +52,12 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
      */
     if (len > 2) {
         len -= 3;
-        l1 = (buf[0] * len) / 255;
+        /* limit l1, l2, and l3 to be no more than 512 bytes */
+        l1 = ((buf[0] * len) / 255) % 512;
         ++buf;
-        l2 = (buf[0] * (len - l1)) / 255;
+        l2 = ((buf[0] * (len - l1)) / 255) % 512;
         ++buf;
-        l3 = len - l1 - l2;
+        l3 = (len - l1 - l2) % 512;
 
         s1 = buf[0] & 1;
         s3 = buf[0] & 4;