Fix GetLength return value check in ASN1_INTEGER functions

Change GetLength() return check from > 0 to >= 0 in wolfSSL_ASN1_INTEGER_get_length
and wolfSSL_ASN1_INTEGER_get0_data. GetLength returns the decoded length (≥ 0) on
success and negative error codes on failure, so checking > 0 incorrectly excluded
zero-length values, making the DER-stripping logic dead code.
This commit is contained in:
Juliusz Sosinowicz
2026-03-31 12:43:06 +02:00
parent b36a9ca80e
commit 4c2a90c8ef
+2 -2
View File
@@ -1016,7 +1016,7 @@ int wolfSSL_ASN1_INTEGER_get_length(const WOLFSSL_ASN1_INTEGER* ai)
if (ai->data[0] == ASN_INTEGER) {
word32 idx = 1;
int len = 0;
if (GetLength(ai->data, &idx, &len, (word32)ai->length) > 0 &&
if (GetLength(ai->data, &idx, &len, (word32)ai->length) >= 0 &&
idx + (word32)len == (word32)ai->length) {
return len;
}
@@ -1043,7 +1043,7 @@ const unsigned char* wolfSSL_ASN1_INTEGER_get0_data(const WOLFSSL_ASN1_INTEGER*
if (ai->data[0] == ASN_INTEGER) {
word32 idx = 1;
int len = 0;
if (GetLength(ai->data, &idx, &len, (word32)ai->length) > 0 &&
if (GetLength(ai->data, &idx, &len, (word32)ai->length) >= 0 &&
idx + (word32)len == (word32)ai->length) {
return ai->data + idx;
}