From 477e40b48c5a2d5f9ba597cea2f2e2eb77e9347a Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Sat, 31 Mar 2018 21:09:32 +0200
Subject: [PATCH] Fix a crash in the asn1parse command
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Thanks to Sem Voigtländer for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)

(cherry picked from commit 752837e0664e990b5edf6f0b69e1b4612efadce0)
---
 apps/asn1pars.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 0a6b990b50..55ecd7cab0 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -295,7 +295,7 @@ int MAIN(int argc, char **argv)
             ASN1_TYPE *atmp;
             int typ;
             j = atoi(sk_OPENSSL_STRING_value(osk, i));
-            if (j == 0) {
+            if (j <= 0 || j >= tmplen) {
                 BIO_printf(bio_err, "'%s' is an invalid number\n",
                            sk_OPENSSL_STRING_value(osk, i));
                 continue;
-- 
2.25.1