Fix encoding bug in i2c_ASN1_INTEGER Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as negative. Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and Hanno Böck <hanno@hboeck.de> for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry-picked from a0eed48d37a4b7beea0c966caf09ad46f4a92a44) Bug: 28175332 Change-Id: I1e2b580f4a6d4a0fd5d26174a9cb7ed86504e7d4

commit: 33c3e8cfe77b4902a419b103fe4802b8c464127d [log] [tgz]
author: Parth Dixit <parthd@codeaurora.org> Mon Aug 29 11:53:40 2016 +0530
committer: Parth Dixit <parthd@codeaurora.org> Mon Aug 29 11:53:40 2016 +0530
tree: ec26dd06a1966f39b3079459cccd6a3d92ef5615
parent: 903fdb0b383bb38b923c9512630b8c9c83ecd1bb [diff]
diff --git a/lib/openssl/crypto/asn1/a_int.c b/lib/openssl/crypto/asn1/a_int.c
index 3348b87..3f38b28 100644
--- a/lib/openssl/crypto/asn1/a_int.c
+++ b/lib/openssl/crypto/asn1/a_int.c

@@ -124,6 +124,8 @@
 		{
 		ret=a->length;
 		i=a->data[0];
+		if (ret == 1 && i == 0)
+			neg = 0;
 		if (!neg && (i > 127)) {
 			pad=1;
 			pb=0;
@@ -157,7 +159,7 @@
 		p += a->length - 1;
 		i = a->length;
 		/* Copy zeros to destination as long as source is zero */
-		while(!*n) {
+		while(!*n && i > 1) {
 			*(p--) = 0;
 			n--;
 			i--;
commit	33c3e8cfe77b4902a419b103fe4802b8c464127d	[log] [tgz]
author	Parth Dixit <parthd@codeaurora.org>	Mon Aug 29 11:53:40 2016 +0530
committer	Parth Dixit <parthd@codeaurora.org>	Mon Aug 29 11:53:40 2016 +0530
tree	ec26dd06a1966f39b3079459cccd6a3d92ef5615
parent	903fdb0b383bb38b923c9512630b8c9c83ecd1bb [diff]