[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Tue Apr 3 14:06:05 UTC 2018
The branch OpenSSL_1_0_2-stable has been updated
via 477e40b48c5a2d5f9ba597cea2f2e2eb77e9347a (commit)
from 6a285edd520f9508efb76f30aff9812ce7115fa8 (commit)
- Log -----------------------------------------------------------------
commit 477e40b48c5a2d5f9ba597cea2f2e2eb77e9347a
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Sat Mar 31 21:09:32 2018 +0200
Fix a crash in the asn1parse command
Thanks to Sem Voigtländer for reporting this issue.
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5826)
(cherry picked from commit 752837e0664e990b5edf6f0b69e1b4612efadce0)
-----------------------------------------------------------------------
Summary of changes:
apps/asn1pars.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 0a6b990..55ecd7c 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -295,7 +295,7 @@ int MAIN(int argc, char **argv)
ASN1_TYPE *atmp;
int typ;
j = atoi(sk_OPENSSL_STRING_value(osk, i));
- if (j == 0) {
+ if (j <= 0 || j >= tmplen) {
BIO_printf(bio_err, "'%s' is an invalid number\n",
sk_OPENSSL_STRING_value(osk, i));
continue;
More information about the openssl-commits
mailing list