[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Tue Apr 3 14:05:36 UTC 2018
The branch OpenSSL_1_1_0-stable has been updated
via ac62a25e2ef8569542a69ac4fb04c59d899581bc (commit)
from 45ae18b38401a027f231f1408e71b13ff3111021 (commit)
- Log -----------------------------------------------------------------
commit ac62a25e2ef8569542a69ac4fb04c59d899581bc
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Sat Mar 31 21:09:32 2018 +0200
Fix a crash in the asn1parse command
Thanks to Sem Voigtländer for reporting this issue.
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
(cherry picked from commit 752837e0664e990b5edf6f0b69e1b4612efadce0)
-----------------------------------------------------------------------
Summary of changes:
apps/asn1pars.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 1ac261c..39b9f8b 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -212,7 +212,7 @@ int asn1parse_main(int argc, char **argv)
ASN1_TYPE *atmp;
int typ;
j = atoi(sk_OPENSSL_STRING_value(osk, i));
- if (j == 0) {
+ if (j <= 0 || j >= tmplen) {
BIO_printf(bio_err, "'%s' is an invalid number\n",
sk_OPENSSL_STRING_value(osk, i));
continue;
More information about the openssl-commits
mailing list