projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bf52165) | patch
Don't set choice selector on parse failure.
authorDr. Stephen Henson <steve@openssl.org>
Fri, 14 Oct 2016 10:51:43 +0000 (11:51 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 10 Nov 2016 13:04:11 +0000 (13:04 +0000)
commitf962541d0be200055e508641ddf3a8ec8819e4df
tree81486425ee9e0b2a653de177c105cd1ff7b51dectree | snapshot
parentbf52165bda53524a267c784696bd074111a2f178commit | diff
Don't set choice selector on parse failure.

Don't set choice selector on parse failure: this can pass unexpected
values to the choice callback. Instead free up partial structure
directly.

CVE-2016-7053

Thanks to Tyler Nighswander of ForAllSecure for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/asn1/tasn_dec.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.