projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b2b3b9c) | patch
Fix printing of PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings
authorMatt Caswell <matt@openssl.org>
Wed, 18 Aug 2021 13:02:40 +0000 (14:02 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 24 Aug 2021 13:22:06 +0000 (14:22 +0100)
commit918430ba80d94ec8f05383b43b1872b1ebb13e1a
tree44d233320b00964d21452226b9f5783fc74764a5tree | snapshot
parentb2b3b9c9936b91315adc0f3254879cb2fd5ca2bdcommit | diff
Fix printing of PROXY_CERT_INFO_EXTENSION to not assume NUL terminated strings

ASN.1 strings may not be NUL terminated. Don't assume they are.

CVE-2021-3712

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
crypto/x509/v3_pci.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.