bn2bin(): Don't accept len < 0

Test included Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20033)
2023-01-13 12:51:43 +01:00 · 2023-01-13 12:51:43 +01:00 · c9466f38e0
parent 15192335c8
commit c9466f38e0
2 changed files with 43 additions and 0 deletions
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@ -440,6 +440,10 @@ static BIGNUM *bin2bn(const unsigned char *s, int len, BIGNUM *ret,
    unsigned int n;
    BIGNUM *bn = NULL;

+    /* Negative length is not acceptable */
+    if (len < 0)
+        return NULL;
+
    if (ret == NULL)
        ret = bn = BN_new();
    if (ret == NULL)
--- a/test/bntest.c
+++ b/test/bntest.c
@ -2249,6 +2249,44 @@ static int test_bin2zero(void)
    return ret;
 }

+static int test_bin2bn_lengths(void)
+{
+    unsigned char input[] = { 1, 2 };
+    BIGNUM *bn_be = NULL, *bn_expected_be = NULL;
+    BIGNUM *bn_le = NULL, *bn_expected_le = NULL;
+    int ret = 0;
+
+    if (!TEST_ptr(bn_be = BN_new())
+        || !TEST_ptr(bn_expected_be = BN_new())
+        || !TEST_true(BN_set_word(bn_expected_be, 0x102))
+        || !TEST_ptr(bn_le = BN_new())
+        || !TEST_ptr(bn_expected_le = BN_new())
+        || !TEST_true(BN_set_word(bn_expected_le, 0x201)))
+        goto err;
+
+#define lengthtest(fn, e)                                       \
+    if (!TEST_ptr_null(fn(input, -1, bn_##e))                   \
+        || !TEST_ptr(fn(input, 0, bn_##e))                      \
+        || !TEST_true(BN_is_zero(bn_##e))                       \
+        || !TEST_ptr(fn(input, 2, bn_##e))                      \
+        || !TEST_int_eq(BN_cmp(bn_##e, bn_expected_##e), 0))    \
+        goto err
+
+    lengthtest(BN_bin2bn, be);
+    lengthtest(BN_signed_bin2bn, be);
+    lengthtest(BN_lebin2bn, le);
+    lengthtest(BN_signed_lebin2bn, le);
+#undef lengthtest
+
+    ret = 1;
+ err:
+    BN_free(bn_be);
+    BN_free(bn_expected_be);
+    BN_free(bn_le);
+    BN_free(bn_expected_le);
+    return ret;
+}
+
 static int test_rand(void)
 {
    BIGNUM *bn = NULL;
@ -3244,6 +3282,7 @@ int setup_tests(void)
        ADD_TEST(test_hex2bn);
        ADD_TEST(test_asc2bn);
        ADD_TEST(test_bin2zero);
+        ADD_TEST(test_bin2bn_lengths);
        ADD_ALL_TESTS(test_mpi, (int)OSSL_NELEM(kMPITests));
        ADD_ALL_TESTS(test_bn2signed, (int)OSSL_NELEM(kSignedTests_BE));
        ADD_TEST(test_negzero);