commit 0dccfbc6c7dda409deb1ce88fd21caf50d4f9bde
author Emilia Kasper <emilia@openssl.org> Wed Aug 06 17:23:04 2014 -0700
committer Adam Langley <agl@google.com> Thu Aug 07 21:09:47 2014 +0000
tree cbe46a8157e9898457503661d482372b4d26d84a
parent abae631fb9af14c60834c58769ef57979ff35eee

Fix OID handling.

- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing
  function.

CVE-2014-3508

(Imported from upstream's c01618dd822cc724c05eeb52455874ad068ec6a5)

Change-Id: I12bdeeaa700183195e4c2f474f964f8ae7a04549
Reviewed-on: https://boringssl-review.googlesource.com/1440
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>