)]}'
{
  "commit": "c2c9f2f3e5c5d57d0186b14ce2463f9c4a8f8cde",
  "tree": "d6e583d0352acb8b38e5ffb964214636e7d1f8b4",
  "parents": [
    "3fff7111b0eca817466e121059cb4e8b67ade35b"
  ],
  "author": {
    "name": "Rudolf Polzer",
    "email": "rpolzer@google.com",
    "time": "Tue May 19 04:01:27 2026 -0700"
  },
  "committer": {
    "name": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Wed May 20 00:38:41 2026 -0700"
  },
  "message": "X509_VERIFY_PARAM_inherit/_set1: refuse if either params are poisoned.\n\nBefore, these functions would unconditionally copy the src\u0027s poison flag\nto the dst, potentially resulting in an unpoisoned context even if the\nreason for poisoning (e.g. a field with invalid value) remains.\n\nAfter this change, copying always fails if either of the two params is\npoisoned.\n\nThe most relevant code path for this is when `X509_STORE_CTX_init` is\ncalled with a poisoned `X509_STORE`; it happily copied the poisoned\ncontext and then cleared the poison flag while inheriting from defaults.\n\nYes, instead the calls in `X509_STORE_CTX_init` could be reversed to\nfirst `inherit` from the defaults and then to `set1` from the user\nprovided context, which then would yield the correct copied poison flag;\nhowever it seems prudent to instead harden the public APIs, as there\ncould be more issues of this kind.\n\nNot considering this a vulnerability, as the poison flag can only ever be set\non a call to us if a caller used an API wrong by ignoring its return\nvalue. Of course, the whole purpose of the flag is to detect and fail\nsuch callers so no damage happens.\n\nChange-Id: Iaed97dfa21863c882a0d46b1b8439ec06a6a6964\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/95527\nCommit-Queue: Rudolf Polzer \u003crpolzer@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\nPresubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com \u003cboringssl-scoped@luci-project-accounts.iam.gserviceaccount.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "d3ab671228662abd663a8642c9169bab551caac4",
      "old_mode": 33188,
      "old_path": "crypto/x509/x509_test.cc",
      "new_id": "cc79b090167de17346055d6ef1299ba84100dad4",
      "new_mode": 33188,
      "new_path": "crypto/x509/x509_test.cc"
    },
    {
      "type": "modify",
      "old_id": "a0f8a71723f02f425ecce8de5b905a6146ebaab5",
      "old_mode": 33188,
      "old_path": "crypto/x509/x509_vpm.cc",
      "new_id": "75079814413ff6635671d04b164cedda0315abf5",
      "new_mode": 33188,
      "new_path": "crypto/x509/x509_vpm.cc"
    }
  ]
}
