From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Sat, 31 Mar 2018 19:09:32 +0000 (+0200)
Subject: Fix a crash in the asn1parse command
X-Git-Tag: OpenSSL_1_1_0i~216
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=ac62a25e2ef8569542a69ac4fb04c59d899581bc;p=oweals%2Fopenssl.git

Fix a crash in the asn1parse command

Thanks to Sem Voigtländer for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)

(cherry picked from commit 752837e0664e990b5edf6f0b69e1b4612efadce0)
---

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 1ac261c762..39b9f8b0c8 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -212,7 +212,7 @@ int asn1parse_main(int argc, char **argv)
             ASN1_TYPE *atmp;
             int typ;
             j = atoi(sk_OPENSSL_STRING_value(osk, i));
-            if (j == 0) {
+            if (j <= 0 || j >= tmplen) {
                 BIO_printf(bio_err, "'%s' is an invalid number\n",
                            sk_OPENSSL_STRING_value(osk, i));
                 continue;