[openssl] master update

Dr. Paul Dale pauli at openssl.org
Tue Apr 20 22:58:05 UTC 2021

The branch master has been updated
       via  4ecb19d1092d6db1397aa24512996f98f8e5e268 (commit)
      from  1c0eede9827b0962f1d752fa4ab5d436fa039da4 (commit)

- Log -----------------------------------------------------------------
commit 4ecb19d1092d6db1397aa24512996f98f8e5e268
Author: Pauli <pauli at openssl.org>
Date:   Mon Apr 19 09:50:52 2021 +1000

    params_dup: fix off by one error that allows array overreach.
    The end of loop test allows the index to go one step too far to be able to
    terminate the param array but the end of list record is still added.
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14922)


Summary of changes:
 crypto/params_dup.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/params_dup.c b/crypto/params_dup.c
index e1b1405979..6a58b52f65 100644
--- a/crypto/params_dup.c
+++ b/crypto/params_dup.c
@@ -147,8 +147,8 @@ static int compare_params(const void *left, const void *right)
 OSSL_PARAM *OSSL_PARAM_merge(const OSSL_PARAM *p1, const OSSL_PARAM *p2)
+    const OSSL_PARAM *list1[OSSL_PARAM_MERGE_LIST_MAX + 1];
+    const OSSL_PARAM *list2[OSSL_PARAM_MERGE_LIST_MAX + 1];
     const OSSL_PARAM *p = NULL;
     const OSSL_PARAM **p1cur, **p2cur;
     OSSL_PARAM *params, *dst;

More information about the openssl-commits mailing list