From: Dr. Stephen Henson Date: Fri, 5 Aug 2016 16:59:32 +0000 (+0100) Subject: Sanity check input length in OPENSSL_uni2asc(). X-Git-Tag: OpenSSL_1_1_0~261 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=39a43280316f1b9c45be5ac5b04f4f5c3f923686;p=oweals%2Fopenssl.git Sanity check input length in OPENSSL_uni2asc(). Thanks to Hanno Böck for reporting this bug. Reviewed-by: Rich Salz --- diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c index 408c495e50..c4feb90b9e 100644 --- a/crypto/pkcs12/p12_utl.c +++ b/crypto/pkcs12/p12_utl.c @@ -42,7 +42,9 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen) { int asclen, i; char *asctmp; - + /* string must contain an even number of bytes */ + if (unilen & 1) + return NULL; asclen = unilen / 2; /* If no terminating zero allow for one */ if (!unilen || uni[unilen - 1])