[openssl-dev] [openssl.org #4552] Bug report: hex string is too long, problem in set_hex()?

[David-E Young via RT]

Classification: Public

Hello. Thanks for responding so quickly. Could you perhaps then tell us why the difference in behavior between version 1.0.1m and later versions, and why we would get "hex string is too long"?

Kind Regards,

David

-----Original Message-----
From: Salz, Rich via RT [mailto:rt at openssl.org]
Sent: Tuesday, May 31, 2016 4:45 PM
To: David-E Young
Cc: openssl-dev at openssl.org
Subject: RE: [openssl-dev] [openssl.org #4552] Bug report: hex string is too long, problem in set_hex()?

> If the size multiplier is changed to, say, 4, then the problem goes
> away with no apparent ill effects. Reading the code for set_hex() and
> its caller, it does not appear that the size multiplier is related to
> a buffer size or some other limitation.

Yes it is, it's the size of the buffer to hold the converted text->binary string.  Changing the multiplier will overwrite data buffers.

There was a bug where it got the size calculation wrong, I think.  But this is not a bug as reported.


--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4552
Please log in as guest with password guest if prompted



---
This communication may contain confidential and/or privileged information. If you are not the intended recipient (or have received this communication in error) please notify the sender immediately and destroy this communication. Any unauthorized copying, disclosure or distribution of the material in this communication is strictly forbidden.

Deutsche Bank does not render legal or tax advice, and the information contained in this communication should not be regarded as such.

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4552
Please log in as guest with password guest if prompted