artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: beccb37) | patch
Avoid an 1 byte out-of-bounds read in ASN1_PRINTABLE_type()
authortb <tb@openbsd.org>
Sun, 12 Mar 2023 11:49:02 +0000 (11:49 +0000)
committertb <tb@openbsd.org>
Sun, 12 Mar 2023 11:49:02 +0000 (11:49 +0000)
commite8872944128f3e6b75d300e794f06c5ae149effd
tree1458ffe65688af3c92dbe12708ffb7f5501bf03btree | snapshot
parentbeccb3784784a617b377ecb8c8e84326efbf01e4commit | diff
Avoid an 1 byte out-of-bounds read in ASN1_PRINTABLE_type()

In case the input is not NUL terminated, the reversed check for length
and terminating NUL results in a one-byte overread. The documentation
says that the input should be a string, but in ASN.1 land you never
know...

Reported by Guido Vranken a while back

ok beck
lib/libcrypto/asn1/a_print.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim