projects / platform / upstream / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 33491df) | patch
Fix OID handling:
authorEmilia Kasper <emilia@openssl.org>
Wed, 2 Jul 2014 17:02:33 +0000 (19:02 +0200)
committerJanusz Kozerski <j.kozerski@samsung.com>
Mon, 20 Oct 2014 13:25:33 +0000 (15:25 +0200)
commit40dfb3641eabeda852a3ecfdc2b4eceed78d9e1d
tree14d41dc5025612f17119b0c0bd8b49dff5b6cf6btree | snapshot
parent33491df200a3f704191571a09dce80a767c29ef2commit | diff
Fix OID handling:

- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
crypto/asn1/a_object.c diff | blob | history
crypto/objects/obj_dat.c diff | blob | history
Domain: Security / Utilities;