Fix range checks with -offset and -length in asn1parse

Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5826)
author: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-04-02 09:13:49 +0200
committer: Bernd Edlinger <bernd.edlinger@hotmail.de> 2018-04-03 16:02:17 +0200
commit: 16e1eea6a67c85c9d786f3c4448182b1aca101b8 (patch)
tree: 32c7978df133f609ca2154178fe2d922d2191d85
parent: 18ada952d1dcea8dfc5008df9f317b3eb47c13fa (diff)
download: openssl-16e1eea6a67c85c9d786f3c4448182b1aca101b8.zip
openssl-16e1eea6a67c85c9d786f3c4448182b1aca101b8.tar.gz
openssl-16e1eea6a67c85c9d786f3c4448182b1aca101b8.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 6278b13..062e196 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -258,14 +258,14 @@ int asn1parse_main(int argc, char **argv)
         num = tmplen;
     }
 
-    if (offset >= num) {
+    if (offset < 0 || offset >= num) {
         BIO_printf(bio_err, "Error: offset too large\n");
         goto end;
     }
 
     num -= offset;
 
-    if ((length == 0) || ((long)length > num))
+    if (length == 0 || length > (unsigned int)num)
         length = (unsigned int)num;
     if (derout != NULL) {
         if (BIO_write(derout, str + offset, length) != (int)length) {
author	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-04-02 09:13:49 +0200
committer	Bernd Edlinger <bernd.edlinger@hotmail.de>	2018-04-03 16:02:17 +0200
commit	16e1eea6a67c85c9d786f3c4448182b1aca101b8 (patch)
tree	32c7978df133f609ca2154178fe2d922d2191d85
parent	18ada952d1dcea8dfc5008df9f317b3eb47c13fa (diff)
download	openssl-16e1eea6a67c85c9d786f3c4448182b1aca101b8.zip openssl-16e1eea6a67c85c9d786f3c4448182b1aca101b8.tar.gz openssl-16e1eea6a67c85c9d786f3c4448182b1aca101b8.tar.bz2