From 0dcab9302f6e534e8af1cf3b8b402c9671421531 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Thu, 14 Mar 2019 18:31:16 -0500 Subject: [PATCH] Harden the lower level parts of crypto/asn1 against overflows. The legacy ASN.1 stack contains an unsalvageable mix of integer types. 82dfea8d9e65c4e57cc9fb2bd3f0dd49f5b31f45 bounded all inputs to the template machinery, but sometimes code will call ASN1_get_object directly, such as the just deleted d2i_ASN1_UINTEGER. Thanks to mlbrown for reporting the d2i_ASN1_UINTEGER overflow. Bug: chromium:942269 Change-Id: I2d4c8b7faf5dadd1b68dbdb51a5feae071ea2cb6 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35325 Reviewed-by: Adam Langley --- crypto/asn1/asn1_lib.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index ea727f33..8526aba3 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -205,7 +205,11 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, } else ret = i; } - if (ret > LONG_MAX) + /* + * Bound the length to comfortably fit in an int. Lengths in this module + * often switch between int and long without overflow checks. + */ + if (ret > INT_MAX / 2) return 0; *pp = p; *rl = (long)ret;
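Review bot: the comment above `if (ret > INT_MAX / 2)` explains why the bound drops from `long` to `int` range, but not why the limit is `INT_MAX / 2` rather than `INT_MAX`; a reader cannot tell whether the halving is deliberate headroom for callers that add the tag and length header bytes to the content length while still in `int`, or an arbitrary margin. Suggest stating the reason in the comment, e.g. `* Halving leaves room for callers to add the header length to the` / `* content length in an int without overflowing.` (if that is the intent). The removed `ret > LONG_MAX` check is fully subsumed, since `INT_MAX / 2` is below `LONG_MAX` on every platform, so no rejection case is lost. It would also be worth adding a regression test that feeds a DER length encoding just above `INT_MAX / 2` to `ASN1_get_object`, which the commit message names as the direct caller this change is meant to protect, and asserts that it is rejected.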