bn2bin(): Don't accept len < 0

Test included Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20033)
author: Richard Levitte <levitte@openssl.org> 2023-01-13 12:51:43 +0100
committer: Hugo Landau <hlandau@openssl.org> 2023-01-20 07:38:40 +0000
commit: c9466f38e0191aa86e0bd49267b0c4ef33e3a3d2 (patch)
tree: e9328ce9ea8e4a813a6b8401344d01b3b128c7bf
parent: 15192335c8bbfb78bc02086bcd77a0d82efffbce (diff)
download: openssl-c9466f38e0191aa86e0bd49267b0c4ef33e3a3d2.tar.gz
2 files changed, 43 insertions, 0 deletions
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 9d665c26fc..ead513c7ae 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -440,6 +440,10 @@ static BIGNUM *bin2bn(const unsigned char *s, int len, BIGNUM *ret,
     unsigned int n;
     BIGNUM *bn = NULL;
 
+    /* Negative length is not acceptable */
+    if (len < 0)
+        return NULL;
+
     if (ret == NULL)
         ret = bn = BN_new();
     if (ret == NULL)
diff --git a/test/bntest.c b/test/bntest.c
index 241765c9f1..35471ac3bb 100644
--- a/test/bntest.c
+++ b/test/bntest.c
@@ -2249,6 +2249,44 @@ static int test_bin2zero(void)
     return ret;
 }
 
+static int test_bin2bn_lengths(void)
+{
+    unsigned char input[] = { 1, 2 };
+    BIGNUM *bn_be = NULL, *bn_expected_be = NULL;
+    BIGNUM *bn_le = NULL, *bn_expected_le = NULL;
+    int ret = 0;
+
+    if (!TEST_ptr(bn_be = BN_new())
+        || !TEST_ptr(bn_expected_be = BN_new())
+        || !TEST_true(BN_set_word(bn_expected_be, 0x102))
+        || !TEST_ptr(bn_le = BN_new())
+        || !TEST_ptr(bn_expected_le = BN_new())
+        || !TEST_true(BN_set_word(bn_expected_le, 0x201)))
+        goto err;
+
+#define lengthtest(fn, e)                                       \
+    if (!TEST_ptr_null(fn(input, -1, bn_##e))                   \
+        || !TEST_ptr(fn(input, 0, bn_##e))                      \
+        || !TEST_true(BN_is_zero(bn_##e))                       \
+        || !TEST_ptr(fn(input, 2, bn_##e))                      \
+        || !TEST_int_eq(BN_cmp(bn_##e, bn_expected_##e), 0))    \
+        goto err
+
+    lengthtest(BN_bin2bn, be);
+    lengthtest(BN_signed_bin2bn, be);
+    lengthtest(BN_lebin2bn, le);
+    lengthtest(BN_signed_lebin2bn, le);
+#undef lengthtest
+
+    ret = 1;
+ err:
+    BN_free(bn_be);
+    BN_free(bn_expected_be);
+    BN_free(bn_le);
+    BN_free(bn_expected_le);
+    return ret;
+}
+
 static int test_rand(void)
 {
     BIGNUM *bn = NULL;
@@ -3244,6 +3282,7 @@ int setup_tests(void)
         ADD_TEST(test_hex2bn);
         ADD_TEST(test_asc2bn);
         ADD_TEST(test_bin2zero);
+        ADD_TEST(test_bin2bn_lengths);
         ADD_ALL_TESTS(test_mpi, (int)OSSL_NELEM(kMPITests));
         ADD_ALL_TESTS(test_bn2signed, (int)OSSL_NELEM(kSignedTests_BE));
         ADD_TEST(test_negzero);
author	Richard Levitte <levitte@openssl.org>	2023-01-13 12:51:43 +0100
committer	Hugo Landau <hlandau@openssl.org>	2023-01-20 07:38:40 +0000
commit	c9466f38e0191aa86e0bd49267b0c4ef33e3a3d2 (patch)
tree	e9328ce9ea8e4a813a6b8401344d01b3b128c7bf
parent	15192335c8bbfb78bc02086bcd77a0d82efffbce (diff)
download	openssl-c9466f38e0191aa86e0bd49267b0c4ef33e3a3d2.tar.gz