[openssl-users] CVE-2016-2180

Matthias Apitz guru at unixarea.de
Fri Sep 16 07:05:17 UTC 2016

El día Thursday, September 15, 2016 a las 10:35:34PM -0700, sivagopiraju escribió:

> int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
> OBJ_obj2txt() converts the ASN1_OBJECT a into a textual representation. The
> representation is written as a null terminated string to buf at most buf_len
> bytes are written, truncating the result if necessary.* The total amount of
> space required is returned*. If no_name is 0 then if the object has a long
> or short name then that will be used, otherwise the numerical form will be
> used. If no_name is 1 then the numerical form will always be used.
> Above statement statement saying that *amount of space required is
> returned*.

I saw this, but 'amount of space required' is IMHO vague, I'd expect
'the length of the resulting string is returned'

Matthias Apitz, ✉ guru at unixarea.de, ⌂ http://www.unixarea.de/  ☎ +49-176-38902045
"Ohne die Mauer hätte es Krieg gegeben" Fritz Streletz u.a.
"Sin el Muro hubiese habido guerra."

More information about the openssl-users mailing list