projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4159f31) | patch
Fix ASN1_INTEGER handling.
authorDr. Stephen Henson <steve@openssl.org>
Fri, 15 Apr 2016 01:37:09 +0000 (02:37 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 3 May 2016 12:06:36 +0000 (13:06 +0100)
commitf5da52e308a6aeea6d5f3df98c4da295d7e9cc27
treeae9034d4d80747f34d7276ef5d4540a9b4c18fbatree | snapshot
parent4159f311671cf3bac03815e5de44681eb758304acommit | diff
Fix ASN1_INTEGER handling.

Only treat an ASN1_ANY type as an integer if it has the V_ASN1_INTEGER
tag: V_ASN1_NEG_INTEGER is an internal only value which is never used
for on the wire encoding.

Thanks to David Benjamin <davidben@google.com> for reporting this bug.

This was found using libFuzzer.

RT#4364 (part)CVE-2016-2108.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
crypto/asn1/a_type.c diff | blob | history
crypto/asn1/tasn_dec.c diff | blob | history
crypto/asn1/tasn_enc.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.