From: KubaBoi Date: Tue, 28 Oct 2025 17:22:57 +0000 (+0100) Subject: asn1_gen: add ASN1_object_size() return check and fix else braces X-Git-Tag: 3.6-PRE-CLANG-FORMAT-WEBKIT~53 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d32f683e2f8acbc22c98785eb8430c5a6417312f;p=thirdparty%2Fopenssl.git asn1_gen: add ASN1_object_size() return check and fix else braces Fixes: #6570 CLA: trivial Reviewed-by: Norbert Pocs Reviewed-by: Paul Yang Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/29022) (cherry picked from commit ecf3ac3b109154fa86d897d88c0c491134429c88) --- diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c index 937daf0645b..dacc97d0d28 100644 --- a/crypto/asn1/asn1_gen.c +++ b/crypto/asn1/asn1_gen.c @@ -134,8 +134,9 @@ static ASN1_TYPE *generate_v3(const char *str, X509V3_CTX *cnf, int depth, return NULL; } ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf, depth, perr); - } else + } else { ret = asn1_str2type(asn1_tags.str, asn1_tags.format, asn1_tags.utype); + } if (!ret) return NULL; @@ -169,16 +170,20 @@ static ASN1_TYPE *generate_v3(const char *str, X509V3_CTX *cnf, int depth, /* Indefinite length constructed */ hdr_constructed = 2; hdr_len = 0; - } else + } else { /* Just retain constructed flag */ hdr_constructed = r & V_ASN1_CONSTRUCTED; + } /* * Work out new length with IMPLICIT tag: ignore constructed because * it will mess up if indefinite length */ len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag); - } else + if (len == -1) + goto err; + } else { len = cpy_len; + } /* Work out length in any EXPLICIT, starting from end */ @@ -189,6 +194,8 @@ static ASN1_TYPE *generate_v3(const char *str, X509V3_CTX *cnf, int depth, etmp->exp_len = len; /* Total object length: length including new header */ len = ASN1_object_size(0, len, etmp->exp_tag); + if (len == -1) + goto err; } /* Allocate buffer for new encoding */