From a2ea166cac04210f22e5734537c488039f280eec Mon Sep 17 00:00:00 2001
From: Christian Hohnstaedt <christian@hohnstaedt.de>
Date: Fri, 30 Aug 2024 21:47:53 +0200
Subject: [PATCH] Close #351: a1int::getLong() doesn't handle all error cases

Check for LONG_MAX and LONG_MIN and throw an error if the returned value
is too big.
---
 lib/asn1int.cpp | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/asn1int.cpp b/lib/asn1int.cpp
index 834bfe30..300b44ab 100644
--- a/lib/asn1int.cpp
+++ b/lib/asn1int.cpp
@@ -9,6 +9,7 @@
 #include "asn1int.h"
 #include "func_base.h"
 #include "exception.h"
+#include "limits.h"
 #include <openssl/err.h>
 #include <openssl/bn.h>
 
@@ -137,9 +138,11 @@ const ASN1_INTEGER *a1int::get0() const
 
 long a1int::getLong() const
 {
-	long l = ASN1_INTEGER_get(get0());
-	openssl_error();
-	return l;
+	int64_t value;
+	int r = ASN1_INTEGER_get_int64(&value,get0());
+	if (r == 0 || value > LONG_MAX || value < LONG_MIN)
+		throw errorEx(QString("ASN1 Integer: Failed to convert %1 to long").arg(toDec()));
+	return (long)value;
 }
 
 a1int &a1int::operator ++ (void)