1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ossl.c: integer overflow

Browse Source 
* ext/openssl/ossl.c (string2hex): fix signed integer overflow.
  [ruby-core:51711] [Bug #7744] [Fixes GH-242]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44395 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2013-12-24 16:44:49 +00:00
parent b06f4a9398
commit 3e37a7f745
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ext/openssl/ossl.c
View File

@ -18,11 +18,12 @@ int
string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len) string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
{ {
static const char hex[]="0123456789abcdef"; static const char hex[]="0123456789abcdef";
int i, len = 2 * buf_len; int i, len;
if (buf_len < 0 || len < buf_len) { /* PARANOIA? */ if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */
return -1; return -1;
} }
len = 2 * buf_len;
if (!hexbuf) { /* if no buf, return calculated len */ if (!hexbuf) { /* if no buf, return calculated len */
if (hexbuf_len) { if (hexbuf_len) {
*hexbuf_len = len; *hexbuf_len = len;