[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
Dr. Stephen Henson
steve at openssl.org
Fri Aug 5 18:04:39 UTC 2016
The branch OpenSSL_1_0_1-stable has been updated
via 7a4979815b3ce7d280ed30b3b1df2a23481c2331 (commit)
from d23de0bbf9e2c7a64065e2bf1907c6cceda78eb9 (commit)
- Log -----------------------------------------------------------------
commit 7a4979815b3ce7d280ed30b3b1df2a23481c2331
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Fri Aug 5 17:59:32 2016 +0100
Sanity check input length in OPENSSL_uni2asc().
Thanks to Hanno Böck for reporting this bug.
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit 39a43280316f1b9c45be5ac5b04f4f5c3f923686)
Conflicts:
crypto/pkcs12/p12_utl.c
-----------------------------------------------------------------------
Summary of changes:
crypto/pkcs12/p12_utl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c
index a0b992e..e466f76 100644
--- a/crypto/pkcs12/p12_utl.c
+++ b/crypto/pkcs12/p12_utl.c
@@ -91,6 +91,10 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
{
int asclen, i;
char *asctmp;
+
+ /* string must contain an even number of bytes */
+ if (unilen & 1)
+ return NULL;
asclen = unilen / 2;
/* If no terminating zero allow for one */
if (!unilen || uni[unilen - 1])
More information about the openssl-commits
mailing list