artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5b8bee2) | patch
Avoid a potential overread in x509_constraints_parse_mailbox()
authorjsing <jsing@openbsd.org>
Thu, 23 Sep 2021 15:49:48 +0000 (15:49 +0000)
committerjsing <jsing@openbsd.org>
Thu, 23 Sep 2021 15:49:48 +0000 (15:49 +0000)
commit62ceddea5b1d64a1a362bbb7071d9e15adcde6b1
treeb57de4851f961032bcf8c5c8601f6b5d5fbff716tree | snapshot
parent5b8bee2b2324502163ada1d161999f0484631860commit | diff
Avoid a potential overread in x509_constraints_parse_mailbox()

The length checks need to be >= rather than > in order to ensure the string
remains NUL terminated. While here consistently check wi before using it
so we have the same idiom throughout this function.

Issue reported by GoldBinocle on GitHub.

ok deraadt@ tb@
lib/libcrypto/x509/x509_constraints.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim