projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 869e142) | patch
Check the return value of ASN1_STRING_length
authorbonniegong <yuanjungong96@gmail.com>
Wed, 2 Jun 2021 07:35:18 +0000 (15:35 +0800)
committerTomas Mraz <tomas@openssl.org>
Thu, 3 Jun 2021 15:09:52 +0000 (17:09 +0200)
commit5478387c14e0c22a525e2ec5ed37f6ffad4b7c59
tree4d349a83bfe3dca23a00c73b5085229f289878f8tree | snapshot
parent869e1424438b3c117d6ef4d3fbf4545cc7dab171commit | diff
Check the return value of ASN1_STRING_length

ASN1_STRING_length gets the field 'length' of msg, which
can be manipulated through a crafted input.
Add a check to avoid error execution of OPENSSL_malloc().

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15583)

(cherry picked from commit effb0dcf864110a4595f1a243adb9c1dd09eb516)
crypto/ts/ts_verify_ctx.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.