apps/enc.c: avoid signed integer overflow on bufsize assignment

The calculated option value, while being long-typed, is not checked
for fitting into int-sized bufsize.  Avoid overflow by throwing an error
if it is bigger than INT_MAX and document that behaviour.

Fixes: 7e1b748570 "Big apps cleanup (option-parsing, etc)"
Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1665149
References: https://github.com/openssl/project/issues/1362
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28405)
Eugene Syromiatnikov 2025-09-01 14:05:33 +02:00 committed by Neil Horman
parent a1cdea4907
commit eb851cc1fb
2 changed files with 3 additions and 0 deletions


@ -260,6 +260,8 @@ int enc_main(int argc, char **argv)
goto opthelp; goto opthelp;
if (k) if (k)
n *= 1024; n *= 1024;
if (n > INT_MAX)
goto opthelp;
bsize = (int)n; bsize = (int)n;
break; break;
case OPT_K: case OPT_K:
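
Review bot: the new `if (n > INT_MAX)` test sits after `n *= 1024`, so in the `k` case the long-typed `n` is multiplied before the range check added here. On a platform where long is no wider than int, the product would overflow before the comparison and the test could never be true. Unless the condition in front of the first `goto opthelp` (not visible in this hunk) already bounds `n` for that multiplication, check before multiplying, for example `if (k && n > INT_MAX / 1024) goto opthelp;`. Separately, routing an over-limit value to `opthelp` gives the user no hint that the size limit was the problem; a short message naming `-bufsize` and the limit would make the rejection easier to diagnose.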


@ -196,6 +196,7 @@ or decryption.
=item B<-bufsize> I<number> =item B<-bufsize> I<number>
Set the buffer size for I/O. Set the buffer size for I/O.
The maximum size that can be specified is B<2^31-1> (2147483647) bytes.
=item B<-nopad> =item B<-nopad>
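
Review bot: the added sentence hardcodes B<2^31-1> (2147483647) while the code compares against `INT_MAX`, and it does not say what happens when the limit is exceeded, although the commit message says the behaviour is being documented. Consider stating that a larger value is rejected with an error, and that the limit applies to the final byte count after the `if (k) n *= 1024;` scaling in enc.c, so readers know that a smaller number can still be refused when it is scaled.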