Fix encoding bug in i2c_ASN1_INTEGER
Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as
negative.
Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and
Hanno Böck <hanno@hboeck.de> for reporting this issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry-picked from a0eed48d37a4b7beea0c966caf09ad46f4a92a44)
Bug: 28175332
Change-Id: I1e2b580f4a6d4a0fd5d26174a9cb7ed86504e7d4
diff --git a/lib/openssl/crypto/asn1/a_int.c b/lib/openssl/crypto/asn1/a_int.c
index 3348b87..3f38b28 100644
--- a/lib/openssl/crypto/asn1/a_int.c
+++ b/lib/openssl/crypto/asn1/a_int.c
@@ -124,6 +124,8 @@
{
ret=a->length;
i=a->data[0];
+ if (ret == 1 && i == 0)
+ neg = 0;
if (!neg && (i > 127)) {
pad=1;
pb=0;
@@ -157,7 +159,7 @@
p += a->length - 1;
i = a->length;
/* Copy zeros to destination as long as source is zero */
- while(!*n) {
+ while(!*n && i > 1) {
*(p--) = 0;
n--;
i--;