authornobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-12-24 16:44:49 +0000
committernobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-12-24 16:44:49 +0000
commit3e37a7f745e6a91238742fe180bfba738d60624a (patch)
tree5fcb96fcb04e61397f7d08ef1e388f0cac37662d /ext/openssl
parentb06f4a939878ad6e6dd8120bb4963e83801b5895 (diff)
ossl.c: integer overflow
* ext/openssl/ossl.c (string2hex): fix signed integer overflow. [ruby-core:51711] [Bug #7744] [Fixes GH-242] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@44395 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl')
-rw-r--r--ext/openssl/ossl.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 43ccf4c3fd..689f21ae0f 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -18,11 +18,12 @@ int
string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
{
static const char hex[]="0123456789abcdef";
- int i, len = 2 * buf_len;
+ int i, len;
- if (buf_len < 0 || len < buf_len) { /* PARANOIA? */
+ if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */
return -1;
}
+ len = 2 * buf_len;
if (!hexbuf) { /* if no buf, return calculated len */
if (hexbuf_len) {
*hexbuf_len = len;
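Review bot: The `/* PARANOIA? */` comment kept on the new guard in string2hex undersells it: `buf_len > INT_MAX / 2` is now the only check that keeps `len = 2 * buf_len` from signed overflow, which is undefined behaviour in C, and the question mark invites a later cleanup to remove it. I would reword the comment to `/* reject lengths whose doubled value does not fit in int */`. The hunk also starts using `INT_MAX` without adding `#include <limits.h>`, and the diffstat shows no other change in the file, so the definition presumably arrives through a header that is already included; that is worth confirming rather than leaving to a transitive include. The function body continues past the end of the hunk, so any later arithmetic on `len` is not visible here.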