projects / platform / upstream / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a107808) | patch
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey
authorEmilia Kasper <emilia@openssl.org>
Mon, 25 Aug 2014 10:38:16 +0000 (12:38 +0200)
committerJanusz Kozerski <j.kozerski@samsung.com>
Mon, 20 Oct 2014 13:25:35 +0000 (15:25 +0200)
commit67e9178609299f192aa683a8a55dcfb6992e3fc0
tree830f0fcafecf0632227f5075e877a109d983b50ctree | snapshot
parenta1078088f6af8c688f725556bf211ecedba789c6commit | diff
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey

The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
crypto/ec/ec_asn1.c diff | blob | history
Domain: Security / Utilities;