Google Git
Sign in
boringssl/boringssl.git/0dccfbc6c7dda409deb1ce88fd21caf50d4f9bde
commit
0dccfbc6c7dda409deb1ce88fd21caf50d4f9bde
[log]
author
Emilia Kasper <emilia@openssl.org>
Wed Aug 06 17:23:04 2014 -0700
committer
Adam Langley <agl@google.com>
Thu Aug 07 21:09:47 2014 +0000
tree
cbe46a8157e9898457503661d482372b4d26d84a
parent
abae631fb9af14c60834c58769ef57979ff35eee [diff]
Fix OID handling.

- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing
  function.

CVE-2014-3508

(Imported from upstream's c01618dd822cc724c05eeb52455874ad068ec6a5)

Change-Id: I12bdeeaa700183195e4c2f474f964f8ae7a04549
Reviewed-on: https://boringssl-review.googlesource.com/1440
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
1 file changed
tree: cbe46a8157e9898457503661d482372b4d26d84a
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt