projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1716003) | patch
Fix OID handling:
authorEmilia Kasper <emilia@openssl.org>
Wed, 2 Jul 2014 17:02:33 +0000 (19:02 +0200)
committerMatt Caswell <matt@openssl.org>
Wed, 6 Aug 2014 19:36:41 +0000 (20:36 +0100)
commit0042fb5fd1c9d257d713b15a1f45da05cf5c1c87
tree06f19083ca305b2c39706ab501688ae1da537114tree | snapshot
parent17160033765480453be0a41335fa6b833691c049commit | diff
Fix OID handling:

- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
crypto/asn1/a_object.c diff | blob | history
crypto/objects/obj_dat.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.