[openssl-commits] Passed: openssl/openssl#6433 (master - e5c1361)
Travis CI
builds at travis-ci.org
Sun Oct 16 01:46:54 UTC 2016
Build Update for openssl/openssl
-------------------------------------
Build: #6433
Status: Passed
Duration: 31 minutes and 33 seconds
Commit: e5c1361 (master)
Author: Matt Caswell
Message: Ensure we handle len == 0 in ERR_err_string_n
If len == 0 in a call to ERR_error_string_n() then we can read beyond the
end of the buffer. Really applications should not be calling this function
with len == 0, but we shouldn't be letting it through either!
Thanks to Agostino Sarubbo for reporting this issue. Agostino's blog on
this issue is available here:
https://blogs.gentoo.org/ago/2016/10/14/openssl-libcrypto-stack-based-buffer-overflow-in-err_error_string_n-err-c/
Reviewed-by: Richard Levitte <levitte at openssl.org>
View the changeset: https://github.com/openssl/openssl/compare/3ff3ee7a19e8...e5c1361580d8
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/167857820
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-commits/attachments/20161016/0d1d08ca/attachment-0001.html>
More information about the openssl-commits
mailing list