From b33d1141b6dcce947708b984c5e9e91dad3d675d Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Thu, 28 Apr 2016 13:09:27 +0100
Subject: [PATCH] Sanity check buffer length.

Reject zero length buffers passed to X509_NAME_onelne().

Issue reported by Guido Vranken.

Reviewed-by: Matt Caswell <matt@openssl.org>
---
 crypto/x509/x509_obj.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index ac871b4029..920828373c 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -86,6 +86,8 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
             goto err;
         b->data[0] = '\0';
         len = 200;
+    } else if (len == 0) {
+        return NULL;
     }
     if (a == NULL) {
         if (b) {
-- 
2.34.1