diff options
author | Richard Levitte <levitte@openssl.org> | 2021-11-22 17:08:19 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-11-24 19:18:19 +0100 |
commit | 8585b5bc62d0bf394ca6adf24f8590e9b9b18402 (patch) | |
tree | 0f19c6184648cbb605ec8b419b2723db46b0f542 /crypto/params_from_text.c | |
parent | b556713a6f2884eadc7f56428bc82a844e9a49e0 (diff) | |
download | openssl-new-8585b5bc62d0bf394ca6adf24f8590e9b9b18402.tar.gz |
Have OSSL_PARAM_allocate_from_text() raise error on unexpected neg number
When the parameter definition has the data type OSSL_PARAM_UNSIGNED_INTEGER,
negative input values should not be accepted.
Fixes #17103
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17104)
Diffstat (limited to 'crypto/params_from_text.c')
-rw-r--r-- | crypto/params_from_text.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/crypto/params_from_text.c b/crypto/params_from_text.c index 84851edc47..43323c3707 100644 --- a/crypto/params_from_text.c +++ b/crypto/params_from_text.c @@ -54,6 +54,12 @@ static int prepare_from_text(const OSSL_PARAM *paramdefs, const char *key, if (r == 0 || *tmpbn == NULL) return 0; + if (p->data_type == OSSL_PARAM_UNSIGNED_INTEGER + && BN_is_negative(*tmpbn)) { + ERR_raise(ERR_LIB_CRYPTO, CRYPTO_R_INVALID_NEGATIVE_VALUE); + return 0; + } + /* * 2s complement negate, part 1 * |