Loading changes/bug17404 0 → 100644 +6 −0 Original line number Diff line number Diff line o Major bugfixes (security, correctness): - Fix a programming error that could cause us to read 4 bytes before the beginning of an openssl string. This could be used to provoke a crash on systems with an unusual malloc implementation, or systems with unsual hardening installed. Fixes bug 17404; bugfix on 0.2.3.6-alpha. src/common/tortls.c +4 −0 Original line number Diff line number Diff line Loading @@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name) len = ASN1_STRING_to_UTF8(&s, str); if (len < 0) return 0; if (len < 4) { OPENSSL_free(s); return 1; } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); return r; Loading Loading
changes/bug17404 0 → 100644 +6 −0 Original line number Diff line number Diff line o Major bugfixes (security, correctness): - Fix a programming error that could cause us to read 4 bytes before the beginning of an openssl string. This could be used to provoke a crash on systems with an unusual malloc implementation, or systems with unsual hardening installed. Fixes bug 17404; bugfix on 0.2.3.6-alpha.
src/common/tortls.c +4 −0 Original line number Diff line number Diff line Loading @@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name) len = ASN1_STRING_to_UTF8(&s, str); if (len < 0) return 0; if (len < 4) { OPENSSL_free(s); return 1; } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); return r; Loading