projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 68595c0) | patch
Fix ASN1_INTEGER handling.
authorDr. Stephen Henson <steve@openssl.org>
Fri, 15 Apr 2016 01:37:09 +0000 (02:37 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 3 May 2016 12:05:34 +0000 (13:05 +0100)
commitd4b25980020821d4685752ecb9105c0902109ab5
tree3aef8e6d43af44784007d8b85e3bd1f0319eae6etree | snapshot
parent68595c0c2886e7942a14f98c17a55a88afb6c292commit | diff
Fix ASN1_INTEGER handling.

Only treat an ASN1_ANY type as an integer if it has the V_ASN1_INTEGER
tag: V_ASN1_NEG_INTEGER is an internal only value which is never used
for on the wire encoding.

Thanks to David Benjamin <davidben@google.com> for reporting this bug.

This was found using libFuzzer.

RT#4364 (part)CVE-2016-2108.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
crypto/asn1/a_type.c diff | blob | history
crypto/asn1/tasn_dec.c diff | blob | history
crypto/asn1/tasn_enc.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.