[openssl/openssl] f4ed6e: SSL_set1_groups_list(): Fix memory corruption with...

Michael Baentsch noreply at github.com
Thu Feb 22 11:54:27 UTC 2024


  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: f4ed6eed2c8fcb1852938683669218655fe4f894
      https://github.com/openssl/openssl/commit/f4ed6eed2c8fcb1852938683669218655fe4f894
  Author: Michael Baentsch <57787676+baentsch at users.noreply.github.com>
  Date:   2024-02-22 (Thu, 22 Feb 2024)

  Changed paths:
    M ssl/t1_lib.c
    M test/sslapitest.c
    M test/tls-provider.c

  Log Message:
  -----------
  SSL_set1_groups_list(): Fix memory corruption with 40 groups and more

Fixes #23624

The calculation of the size for gid_arr reallocation was wrong.
A multiplication by gid_arr array item size was missing.

Testcase is added.

Reviewed-by: Nicola Tuveri <nic.tuv at gmail.com>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23625)



To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications


More information about the openssl-commits mailing list