Add a comment so I don't forget to think about input validation

author tb <tb@openbsd.org>

Tue, 28 Dec 2021 16:21:59 +0000 (16:21 +0000)

committer tb <tb@openbsd.org>

Tue, 28 Dec 2021 16:21:59 +0000 (16:21 +0000)
author tb <tb@openbsd.org>
Tue, 28 Dec 2021 16:21:59 +0000 (16:21 +0000)
committer tb <tb@openbsd.org>
Tue, 28 Dec 2021 16:21:59 +0000 (16:21 +0000)
diff --git a/lib/libcrypto/x509/x509_addr.c b/lib/libcrypto/x509/x509_addr.c

index 244eea1..e66d408 100644 (file)
--- a/lib/libcrypto/x509/x509_addr.c
+++ b/lib/libcrypto/x509/x509_addr.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: x509_addr.c,v 1.32 2021/12/28 16:10:47 tb Exp $ */
+/*     $OpenBSD: x509_addr.c,v 1.33 2021/12/28 16:21:59 tb Exp $ */
  /*
   * Contributed to the OpenSSL Project by the American Registry for
   * Internet Numbers ("ARIN").
@@ -774,6 +774,8 @@ make_IPAddressFamily(IPAddrBlocks *addr, const unsigned afi,
         if (!CBB_init(&cbb, 0))
                 goto err;
  
+       /* XXX - should afi <= 65535 and *safi < 255 be checked here? */
+
         if (!CBB_add_u16(&cbb, afi))
                 goto err;
         if (safi != NULL) {
author	tb <tb@openbsd.org>
	Tue, 28 Dec 2021 16:21:59 +0000 (16:21 +0000)
committer	tb <tb@openbsd.org>
	Tue, 28 Dec 2021 16:21:59 +0000 (16:21 +0000)