From 66e731ab09f2c652d0e179df3df10d069b407604 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Thu, 28 Apr 2016 13:09:27 +0100 Subject: [PATCH] Sanity check buffer length. Reject zero length buffers passed to X509_NAME_onelne(). Issue reported by Guido Vranken. Reviewed-by: Matt Caswell (cherry picked from commit b33d1141b6dcce947708b984c5e9e91dad3d675d) --- crypto/x509/x509_obj.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c index d317f3af25..500c9dfa54 100644 --- a/crypto/x509/x509_obj.c +++ b/crypto/x509/x509_obj.c @@ -86,6 +86,8 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) goto err; b->data[0] = '\0'; len = 200; + } else if (len == 0) { + return NULL; } if (a == NULL) { if (b) { -- 2.25.1