[openssl/openssl] 7ff5df: crypto/bio/bio_print.c: avoid signed int overflow in...


esyr

Sep 11, 2025, 12:04:24 PM
to openssl...@openssl.org
Branch: refs/heads/openssl-3.6
Home: https://github.com/openssl/openssl
Commit: 7ff5df1014205bc0b45a12163b2e0b31492bf641
https://github.com/openssl/openssl/commit/7ff5df1014205bc0b45a12163b2e0b31492bf641
Author: Eugene Syromiatnikov <es...@openssl.org>
Date: 2025-09-11 (Thu, 11 Sep 2025)

Changed paths:
M crypto/bio/bio_print.c

Log Message:
-----------
crypto/bio/bio_print.c: avoid signed int overflow in padlen calculation in fmtstr

In a highly unlikely situation of str being longer than INT_MAX,
a signed integer overflow in padlen calculation can be triggered.
Avoid it by reworking the check for the need of padlen calculation.

Fixes: 230c691a5218 "Fix fmtstr for BIO_printf() et al"
Signed-off-by: Eugene Syromiatnikov <es...@openssl.org>

Reviewed-by: Neil Horman <nho...@openssl.org>
Reviewed-by: Saša Nedvědický <sas...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28502)


Commit: cffbccf5eafbc351fc9a9f019810e1dfe04eeb17
https://github.com/openssl/openssl/commit/cffbccf5eafbc351fc9a9f019810e1dfe04eeb17
Author: Eugene Syromiatnikov <es...@openssl.org>
Date: 2025-09-11 (Thu, 11 Sep 2025)

Changed paths:
M crypto/bio/bio_print.c

Log Message:
-----------
crypto/bio/bio_print.c: avoid signed int overflow in desc->pos in doapr_outch

While highly improbable, a signed integer overflow can be triggered
by incrementing desc->pos LLONG_MAX + 1 times.

Fixes: 228ef5f54727 "crypto/bio/bio_print.c: make %n in line with other libc implementations"
Signed-off-by: Eugene Syromiatnikov <es...@openssl.org>

Reviewed-by: Neil Horman <nho...@openssl.org>
Reviewed-by: Saša Nedvědický <sas...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28502)


Commit: 98e17292227661c8f261d83116b2953d639dcf1e
https://github.com/openssl/openssl/commit/98e17292227661c8f261d83116b2953d639dcf1e
Author: Eugene Syromiatnikov <es...@openssl.org>
Date: 2025-09-11 (Thu, 11 Sep 2025)

Changed paths:
M crypto/bio/bio_print.c

Log Message:
-----------
crypto/bio/bio_print.c: improve handling of unreasonably large widths/precisions

As fmt*() routines try to loop all the way up to pad sizes calculated
based on the user-provided width and precision specification,
it is relatively simple to trigger billions of loop iterations
by providing appropriate width and precision specification, even
if printing is done in a statically-sized buffer. Avoid those
by introducing a helper eob_ok() function, that allows short-circuiting
those loops.

Resolves: https://github.com/openssl/openssl/issues/28416
Signed-off-by: Eugene Syromiatnikov <es...@openssl.org>

Reviewed-by: Neil Horman <nho...@openssl.org>
Reviewed-by: Saša Nedvědický <sas...@openssl.org>
Reviewed-by: Tomas Mraz <to...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28502)


Compare: https://github.com/openssl/openssl/compare/56f67a6d618d...98e172922276
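As an added illustration of the three defect classes these commits describe (a signed overflow in the pad-length subtraction, an overflowing %n position counter, and pad loops driven by a huge width), here is a minimal, self-contained sketch; it is not OpenSSL's code, and the `outbuf` struct, the function names and the saturating counter are assumptions for the example only.

```c
#include <limits.h>
#include <stddef.h>

/* Hypothetical output descriptor: a fixed-size buffer plus a running
 * character count. An illustration only, not OpenSSL's own struct. */
struct outbuf {
    char *buf;
    size_t maxlen;    /* capacity of buf */
    size_t pos;       /* bytes actually stored in buf */
    long long total;  /* characters that would have been written (for %n) */
};

/* Pad length for a %s conversion. The string length stays in size_t and
 * is compared before any subtraction, so a string longer than INT_MAX
 * cannot push "width - strlen" into signed overflow. */
static size_t padlen_safe(int width, size_t strln)
{
    if (width <= 0 || (size_t)width <= strln)
        return 0;                       /* no padding needed */
    return (size_t)width - strln;
}

/* Account for n characters in the %n counter, saturating at LLONG_MAX
 * instead of incrementing past it. */
static void count_chars(struct outbuf *o, size_t n)
{
    if ((unsigned long long)n > (unsigned long long)(LLONG_MAX - o->total))
        o->total = LLONG_MAX;
    else
        o->total += (long long)n;
}

/* Emit up to n copies of c. The loop stops as soon as the buffer is full
 * (the end-of-buffer short-circuit), so an absurd width costs at most
 * maxlen iterations rather than billions; the %n count still reflects
 * all n characters. Returns the number of characters actually stored. */
static size_t emit_pad(struct outbuf *o, size_t n, char c)
{
    size_t written = 0;

    while (written < n && o->pos < o->maxlen) {
        o->buf[o->pos++] = c;
        written++;
    }
    count_chars(o, n);
    return written;
}
```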
