commit 5a855f4303442b0476274a8ed0d1625c3e0658e1
Author: Igor Ustinov <igus68@gmail.com>
Date:   Sat Mar 7 08:16:47 2026 +0100

    Avoid possible buffer overflow in buf2hex conversion
    
    Fixes CVE-2026-31789

Index: openssl-1.1.1d/crypto/o_str.c
===================================================================
--- openssl-1.1.1d.orig/crypto/o_str.c
+++ openssl-1.1.1d/crypto/o_str.c
@@ -195,6 +195,11 @@ char *OPENSSL_buf2hexstr(const unsigned
     const unsigned char *p;
     int i;
 
+    if (len > SIZE_MAX / 3) {
+        CRYPTOerr(CRYPTO_F_OPENSSL_BUF2HEXSTR, ERR_R_PASSED_INVALID_ARGUMENT);
+        return NULL;
+    }
+
     if (len == 0)
     {
         return OPENSSL_zalloc(1);