root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

speed: range check the argument given to -multi 

For machines where sizeof(size_t) == sizeof(int) there is a possible overflow
which could cause a crash.

For machines where sizeof(size_t) > sizeof(int), the existing checks adequately
detect the situation.

Fixes #16899

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16904)
This commit is contained in:
Pauli 2021-10-25 11:16:01 +10:00
parent 089df6f135
commit 7220085f22
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/speed.c
View File

@ -1540,6 +1540,10 @@ int speed_main(int argc, char **argv)
case OPT_MULTI: case OPT_MULTI:
#ifndef NO_FORK #ifndef NO_FORK
multi = atoi(opt_arg()); multi = atoi(opt_arg());
if ((size_t)multi >= SIZE_MAX / sizeof(int)) {
BIO_printf(bio_err, "%s: multi argument too large\n", prog);
return 0;
}
#endif #endif
break; break;
case OPT_ASYNCJOBS: case OPT_ASYNCJOBS: