From 85881c1d92cccda9ba26131a9102492de28a5a04 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Mon, 3 Jan 2011 01:40:53 +0000
Subject: [PATCH] PR: 2411 Submitted by: Rob Austein <sra@hactrn.net> Reviewed
 by: steve

Fix corner cases in RFC3779 code.
---
 crypto/x509v3/v3_addr.c | 6 ++++++
 crypto/x509v3/v3_asid.c | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c
index 9087d66e0a..0d70e8696d 100644
--- a/crypto/x509v3/v3_addr.c
+++ b/crypto/x509v3/v3_addr.c
@@ -177,12 +177,18 @@ static int i2r_address(BIO *out,
   unsigned char addr[ADDR_RAW_BUF_LEN];
   int i, n;
 
+  if (bs->length < 0)
+    return 0;
   switch (afi) {
   case IANA_AFI_IPV4:
+    if (bs->length > 4)
+      return 0;
     addr_expand(addr, bs, 4, fill);
     BIO_printf(out, "%d.%d.%d.%d", addr[0], addr[1], addr[2], addr[3]);
     break;
   case IANA_AFI_IPV6:
+    if (bs->length > 16)
+      return 0;
     addr_expand(addr, bs, 16, fill);
     for (n = 16; n > 1 && addr[n-1] == 0x00 && addr[n-2] == 0x00; n -= 2)
       ;
diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c
index 2b8c0a0824..da0029a011 100644
--- a/crypto/x509v3/v3_asid.c
+++ b/crypto/x509v3/v3_asid.c
@@ -372,7 +372,7 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice)
 int v3_asid_is_canonical(ASIdentifiers *asid)
 {
   return (asid == NULL ||
-	  (ASIdentifierChoice_is_canonical(asid->asnum) ||
+	  (ASIdentifierChoice_is_canonical(asid->asnum) &&
 	   ASIdentifierChoice_is_canonical(asid->rdi)));
 }
 
-- 
2.40.0