From: rootvector2 <dxbnaveed.k@gmail.com>
Date: Wed, 3 Jun 2026 18:28:39 +0000 (+0530)
Subject: uni2utf8: reject negative length like uni2asc
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=24e69ac1db7da44056f2da5e5ae4ad3cc446c6ea;p=thirdparty%2Fopenssl.git

uni2utf8: reject negative length like uni2asc

Reviewed-by: Alicja Kario <hkario@redhat.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Thu Jun 11 08:56:39 2026
(Merged from https://github.com/openssl/openssl/pull/31378)
---

diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
index c864c9c9aad..3c19f727a1b 100644
--- a/crypto/pkcs12/p12_utl.c
+++ b/crypto/pkcs12/p12_utl.c
@@ -188,6 +188,8 @@ char *OPENSSL_uni2utf8(const unsigned char *uni, int unilen)
     /* string must contain an even number of bytes */
     if (unilen & 1)
         return NULL;
+    if (unilen < 0)
+        return NULL;
 
     for (asclen = 0, i = 0; i < unilen;) {
         j = bmp_to_utf8(NULL, uni + i, unilen - i);