CVSROOT: /cvs
Module name: src
Changes by: t...@cvs.openbsd.org 2022/08/10 10:51:26
Modified files:
lib/libcrypto/asn1: t_x509.c
Log message:
Avoid signed integer overflow due to unary negation
The current X509_print_ex() tries too hard pretty printing negative
serialNumbers (which shouldn't occur in the first place). In particular,
negating LONG_MAX leads to signed overflow. Ditch the code dealing with
negative serialNumbers representable as long and fall back to the long
form printing. This simplifies the code and fixes
oss-fuzz #49944
with/ok jsing
