projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 99d9784) | patch
Don't set choice selector on parse failure.
authorDr. Stephen Henson <steve@openssl.org>
Fri, 14 Oct 2016 10:51:43 +0000 (11:51 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 10 Nov 2016 13:04:05 +0000 (13:04 +0000)
commit610b66267e41a32805ab54cbc580c5a6d5826cb4
treef651ef0d42abb32063f81dc23d502fb8a87718a8tree | snapshot
parent99d97842ddb5fbbbfb5e9820a64ebd19afe569f6commit | diff
Don't set choice selector on parse failure.

Don't set choice selector on parse failure: this can pass unexpected
values to the choice callback. Instead free up partial structure
directly.

CVE-2016-7053

Thanks to Tyler Nighswander of ForAllSecure for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
crypto/asn1/tasn_dec.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.