Commit 0f799ae3b2 for openssl.org

commit 0f799ae3b275c6edcf19ae0f237218b4169e647f
Author: Herman Semenoff <GermanAizek@yandex.ru>
Date:   Sat Apr 25 07:36:07 2026 +0300

    crypto: fix possible integer overflow using cast size_t

    Signed-off-by: Herman Semenoff <GermanAizek@yandex.ru>

    Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
    Reviewed-by: Matt Caswell <matt@openssl.foundation>
    MergeDate: Thu Apr 30 07:13:07 2026
    (Merged from https://github.com/openssl/openssl/pull/30973)

diff --git a/crypto/ct/ct_oct.c b/crypto/ct/ct_oct.c
index a110fbd3a9..b8bef582a9 100644
--- a/crypto/ct/ct_oct.c
+++ b/crypto/ct/ct_oct.c
@@ -347,7 +347,7 @@ int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp)
             if ((sct_len = i2o_SCT(sk_SCT_value(a, i), NULL)) == -1)
                 goto err;
         }
-        len2 += 2 + sct_len;
+        len2 += (size_t)sct_len + 2;
     }

     if (len2 > MAX_SCT_LIST_SIZE)