From: Richard Levitte <levitte@openssl.org>
Date: Tue, 10 Jan 2023 11:22:39 +0000 (+0100)
Subject: In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1
X-Git-Tag: openssl-3.2.0-alpha1~1539
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c2ae89148343750e420b72ef1b709ebbc16e47b8;p=thirdparty%2Fopenssl.git

In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1

This way, we guarantee that a zero is represented with one byte of data
that's set to zero.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20013)
---

diff --git a/crypto/params.c b/crypto/params.c
index 4c5a6f53341..f75cfe69cfd 100644
--- a/crypto/params.c
+++ b/crypto/params.c
@@ -1068,6 +1068,9 @@ int OSSL_PARAM_set_BN(OSSL_PARAM *p, const BIGNUM *val)
     /* We add 1 byte for signed numbers, to make space for a sign extension */
     if (p->data_type == OSSL_PARAM_INTEGER)
         bytes++;
+    /* We make sure that at least one byte is used, so zero is properly set */
+    if (bytes == 0)
+        bytes++;
 
     p->return_size = bytes;
     if (p->data == NULL)