[openssl-dev] Heap corruption in asn1_item_ex_combine_new()

Julien Kauffmann julien.kauffmann at freelan.org
Thu Apr 2 03:01:49 UTC 2015


Hi,

I can confirm that removing those two lines solves the problem.

I actually already tried to add this:

EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);

but while it solved the problem for writing the key, the problem would 
still arise while parsing a key generated without the flag (the same 
heap corruption).

Anyway, seems to be solved! Is this change already merged upstream? Do 
I need to create a ticket/make a pull request for this?

Thank you.

Julien Kauffmann.

On 01/04/2015 07:26, Dr. Stephen Henson wrote:
> On Tue, Mar 31, 2015, Julien Kauffmann wrote:
>
>> if (!combine)
>>      *pval = NULL;
>>
> I'd suggest deleting the two lines above. The structure should be cleared
> without this and the above line is wrong for non pointer fields anyway.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
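
An added illustration, not part of the original message and not OpenSSL code: a simplified model of why storing NULL through a slot that actually holds a non-pointer field overwrites the memory next to it. The struct, the enum and all function names are hypothetical, memset of pointer-sized zero bytes stands in for `*pval = NULL`, and the "after" variant assumes type-aware clearing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical parent structure: an embedded 4-byte value (not a pointer)
 * followed by whatever happens to live next to it. */
struct parent {
    int32_t version;
    unsigned char guard[sizeof(void *)];
};

enum field_kind { FIELD_POINTER, FIELD_INT32 };

/* "Before" model: every slot is treated as a pointer and set to NULL.
 * memset of sizeof(void *) zero bytes stands in for `*pval = NULL`. */
static void field_new_before(unsigned char *slot, enum field_kind kind)
{
    (void)kind;
    memset(slot, 0, sizeof(void *));
}

/* "After" model: clear only as many bytes as the field really occupies. */
static void field_new_after(unsigned char *slot, enum field_kind kind)
{
    memset(slot, 0, kind == FIELD_POINTER ? sizeof(void *) : sizeof(int32_t));
}

/* Initialise the embedded field and count neighbouring bytes that changed. */
static size_t guard_bytes_clobbered(void (*field_new)(unsigned char *, enum field_kind))
{
    struct parent p;
    size_t i, n = 0;

    memset(&p, 0xAA, sizeof p);
    field_new((unsigned char *)&p + offsetof(struct parent, version), FIELD_INT32);
    for (i = 0; i < sizeof p.guard; i++)
        if (p.guard[i] != 0xAA)
            n++;
    return n;
}

int main(void)
{
    printf("before: %zu neighbouring bytes overwritten\n", guard_bytes_clobbered(field_new_before));
    printf("after:  %zu neighbouring bytes overwritten\n", guard_bytes_clobbered(field_new_after));
    return 0;
}
```

On a platform where pointers are wider than the embedded field, the "before" variant overwrites the difference in bytes; where the sizes match, it overwrites nothing and the defect stays hidden.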



