git.openssl.org Git - openssl.git/commit

author	Dr. Stephen Henson <steve@openssl.org>
	Fri, 15 Apr 2016 01:37:09 +0000 (02:37 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 3 May 2016 12:05:34 +0000 (13:05 +0100)
commit	d4b25980020821d4685752ecb9105c0902109ab5
tree	3aef8e6d43af44784007d8b85e3bd1f0319eae6e	tree \| snapshot
parent	68595c0c2886e7942a14f98c17a55a88afb6c292	commit \| diff

Fix ASN1_INTEGER handling.

Only treat an ASN1_ANY type as an integer if it has the V_ASN1_INTEGER
tag: V_ASN1_NEG_INTEGER is an internal only value which is never used
for on the wire encoding.

Thanks to David Benjamin <davidben@google.com> for reporting this bug.

This was found using libFuzzer.

RT#4364 (part)CVE-2016-2108.

Reviewed-by: Emilia Käsper <emilia@openssl.org>

crypto/asn1/a_type.c		diff \| blob \| history
crypto/asn1/tasn_dec.c		diff \| blob \| history
crypto/asn1/tasn_enc.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom