git.librecmc.org Git - oweals/openssl.git/commit

projects / oweals / openssl.git / commit

author	Matt Caswell <matt@openssl.org>
	Thu, 28 Apr 2016 09:46:55 +0000 (10:46 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 3 May 2016 09:25:05 +0000 (10:25 +0100)
commit	9f2ccf1d718ab66c778a623f9aed3cddf17503a2
tree	9757dae471e2ad31e37f7942091c8816fdb2873a	tree \| snapshot
parent	3ab937bc440371fbbe74318ce494ba95021f850a	commit \| diff

Prevent EBCDIC overread for very long strings

ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.

Issue reported by Guido Vranken.

CVE-2016-2176

Reviewed-by: Andy Polyakov <appro@openssl.org>

crypto/x509/x509_obj.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom