[openssl-users] CVE-2016-2180
sivagopiraju
sivagopi059 at gmail.com
Fri Sep 16 04:00:07 UTC 2016
- int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
- BIO_write(bio, obj_txt, len);
- BIO_write(bio, "\n", 1);
+ OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
+ BIO_printf(bio, "%s\n", obj_txt);
Here, used BIO_printf instead of BIO_write, is it solve the issue?
Can you please elaborate it, did't understand the solution.
--
View this message in context: http://openssl.6102.n7.nabble.com/CVE-2016-2180-tp67815p68384.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users
mailing list