diff --git a/apps/enc.c b/apps/enc.c index b3bf4cc2592d01dfa1c998911bcab79f66a4c3fa..5375fd8eb3503ffe77e56b2a50cf0b544dd5a067 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -234,6 +234,8 @@ int enc_main(int argc, char **argv) goto opthelp; if (k) n *= 1024; + if (n > INT_MAX) + goto opthelp; bsize = (int)n; break; case OPT_K: diff --git a/apps/ocsp.c b/apps/ocsp.c index 821e224c6ce45da6940a949035704945034e3563..fe759c08ed5a2a3a4a7d62a7ccb32c34db5d2b54 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -666,7 +666,8 @@ redo_accept: resp = OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL); - send_ocsp_response(cbio, resp); + if (resp != NULL) + send_ocsp_response(cbio, resp); } goto done_resp; } @@ -764,16 +765,18 @@ redo_accept: BIO_free(derbio); } - i = OCSP_response_status(resp); - if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) { - BIO_printf(out, "Responder Error: %s (%d)\n", - OCSP_response_status_str(i), i); - if (!ignore_err) + if (resp != NULL) { + i = OCSP_response_status(resp); + if (i != OCSP_RESPONSE_STATUS_SUCCESSFUL) { + BIO_printf(out, "Responder Error: %s (%d)\n", + OCSP_response_status_str(i), i); + if (!ignore_err) goto end; - } + } - if (resp_text) - OCSP_RESPONSE_print(out, resp, 0); + if (resp_text) + OCSP_RESPONSE_print(out, resp, 0); + } /* If running as responder don't verify our own response */ if (cbio != NULL) { diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c index 86c322473ca54783cc531bf770a202f8c73ff5ff..01f3b611d9d0fac167eeb487759993a8419edcf0 100644 --- a/crypto/rand/randfile.c +++ b/crypto/rand/randfile.c @@ -167,6 +167,10 @@ int RAND_load_file(const char *file, long bytes) /* If given a bytecount, and we did it, break. */ if (bytes > 0 && (bytes -= i) <= 0) break; + + /* We can hit a signed integer overflow on the next iteration */ + if (ret > INT_MAX - RAND_LOAD_BUF_SIZE) + break; } OPENSSL_cleanse(buf, sizeof(buf)); 
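Review bot: The new `if (n > INT_MAX)` check in apps/enc.c rejects an oversized -bufsize by jumping to `opthelp`, which, as far as this hunk shows, gives the user no indication that the buffer size was the problem. A short diagnostic before the jump would make the rejection explicit, e.g. `BIO_printf(bio_err, "%s: -bufsize value exceeds INT_MAX\n", prog);`, assuming `prog` and `bio_err` are available at this point. The check also only holds if `n *= 1024` just above cannot itself overflow; the guard for that and the declaration of `n` are outside the hunk, so confirm they cover the `k` suffix case. enc_main starts and ends outside the hunk.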
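Review bot: In the first apps/ocsp.c hunk, when `OCSP_response_create()` returns NULL the responder now skips `send_ocsp_response()` and goes on to `goto done_resp` without reporting anything. An `else` branch that logs the failure, for example `else BIO_printf(bio_err, "Error creating OCSP response\n");`, would keep a dropped reply visible to whoever operates the responder. The enclosing block under `redo_accept:` begins outside the hunk.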
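Review bot: The `if (resp != NULL)` guard added in the second apps/ocsp.c hunk starts after the block whose tail (`BIO_free(derbio); }`) is the hunk's first context line; if that block writes `resp` to `derbio`, it still runs with a NULL response. Only the tail is visible, so this needs checking against the full file, but adding `&& resp != NULL` to that block's condition would close the gap. Likewise, any use of `resp` after the `cbio != NULL` branch lies outside the hunk and should be confirmed unreachable with a NULL response.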
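Review bot: The comment added in RAND_load_file(), `/* We can hit a signed integer overflow on the next iteration */`, does not say which value overflows or that stopping here makes the function return fewer bytes than were asked for. Something like `/* ret is returned as int: stop before adding another RAND_LOAD_BUF_SIZE bytes could exceed INT_MAX; the caller sees a short count */` records both, presuming `ret` is the int byte total declared outside the hunk. That matters to callers that treat the return value as evidence of how much seed material was loaded. The loop and the function begin outside the hunk.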
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index b4f4c45998befe513ad0097aa219b71cbf414749..fa87bdd028c2ec656bb2b101873cc3bf683b7b6a 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -608,6 +608,11 @@ const X509_VERIFY_PARAM *X509_VERIFY_PARAM_get0(int id) { int num = OSSL_NELEM(default_table); + if (id < 0) { + ERR_raise(ERR_LIB_X509, ERR_R_PASSED_INVALID_ARGUMENT); + return NULL; + } + if (id < num) return default_table + id; return sk_X509_VERIFY_PARAM_value(param_table, id - num); diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index e6d5103bd91a2592897d0ea83ae192e96b9a580b..35405ed3819f0afe42dc22881156f12b45f80ccd 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -177,6 +177,7 @@ or decryption. =item B<-bufsize> I Set the buffer size for I/O. +The maximum size that can be specified is B<2^31-1> (2147483647) bytes. =item B<-nopad> diff --git a/doc/man3/RAND_load_file.pod b/doc/man3/RAND_load_file.pod index baca54cb3c890e001c43e52e098267062c2e0115..fd00bf883d401c131cffaa8c7667b2b7a131fcec 100644 --- a/doc/man3/RAND_load_file.pod +++ b/doc/man3/RAND_load_file.pod @@ -20,6 +20,8 @@ RAND_load_file() reads a number of bytes from file B and adds them to the PRNG. If B is nonnegative, up to B are read; if B is -1, the complete file is read. +RAND_load_file() can read less than the complete file or the requested number +of bytes if it doesn't fit in the return value type. Do not load the same file multiple times unless its contents have been updated by RAND_write_file() between reads. Also, note that B should be adequately protected so that an
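Review bot: X509_VERIFY_PARAM_get0() now raises `ERR_R_PASSED_INVALID_ARGUMENT` for a negative `id`, but an `id` beyond the end of both tables still reaches `sk_X509_VERIFY_PARAM_value(param_table, id - num)` and, assuming that lookup returns NULL for an out-of-range index, fails without any error on the queue. Either raise the same error when that lookup returns NULL, or add a comment above the function such as `/* Returns NULL for an invalid id; only a negative id raises an error. */` so callers know to check the result. The function's closing brace is outside the hunk.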