[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Mon May 21 09:33:40 UTC 2018
The branch OpenSSL_1_1_0-stable has been updated
via bbe75a29dfdb6561f21b7d010ac18c52da4beb78 (commit)
from 12843c7307900e124ee0407535cab5534fc27dad (commit)
- Log -----------------------------------------------------------------
commit bbe75a29dfdb6561f21b7d010ac18c52da4beb78
Author: Matt Caswell <matt at openssl.org>
Date: Wed May 16 11:59:47 2018 +0100
Fix undefined behaviour in X509_NAME_cmp()
If the lengths of both names is 0 then don't attempt to do a memcmp.
Issue reported by Simon Friedberger, Robert Merget and Juraj Somorovsky.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6291)
(cherry picked from commit 511190b691183a1fb160e7e05e2974dc73cab0c6)
-----------------------------------------------------------------------
Summary of changes:
crypto/x509/x509_cmp.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index 0105635..8ac9efe 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -174,7 +174,7 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b)
ret = a->canon_enclen - b->canon_enclen;
- if (ret)
+ if (ret != 0 || a->canon_enclen == 0)
return ret;
return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen);
More information about the openssl-commits
mailing list