For n > 7, we might get uninitialized (unzeroed) data.
authorRichard Levitte <levitte@openssl.org>
Sun, 6 Aug 2000 01:35:03 +0000 (01:35 +0000)
committerRichard Levitte <levitte@openssl.org>
Sun, 6 Aug 2000 01:35:03 +0000 (01:35 +0000)
Spotted by "Kyoungho Jeon" <k.h.jeon@securesoft.co.kr>.

crypto/asn1/a_bitstr.c

index c0501e1..7013a40 100644 (file)
@@ -236,10 +236,10 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
                else
                        c=(unsigned char *)OPENSSL_realloc(a->data,w+1);
                if (c == NULL) return(0);
+               if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
                a->data=c;
                a->length=w+1;
-               c[w]=0;
-               }
+       }
        a->data[w]=((a->data[w])&iv)|v;
        while ((a->length > 0) && (a->data[a->length-1] == 0))
                a->length--;