Skip to content

i2d_RSAPublicKey retval ignored in multiple callsites

Hello. Here follows a bug report by Guido Vranken received through the hackerone program.

There are various places in the codebase where we don't check the retval of i2d_RSA_PublicKey() (or its callers). That function can fail in cases of OOM, and this is something we should be handling correctly. This is a similar case to #17686 (moved).

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information