summaryrefslogtreecommitdiff
path: root/src/lib/libc/crypt/arc4random.c
diff options
context:
space:
mode:
authorjsing <>2019-04-10 16:23:55 +0000
committerjsing <>2019-04-10 16:23:55 +0000
commit8ab9e3c33c0dd587e42c1c871bbe154fd19af00f (patch)
tree0a9c02f6209b3ff040902c8d9c0757be964ad0eb /src/lib/libc/crypt/arc4random.c
parent1e058bee4dd8093d5d6bebd88f82654927d1582c (diff)
downloadopenbsd-8ab9e3c33c0dd587e42c1c871bbe154fd19af00f.tar.gz
openbsd-8ab9e3c33c0dd587e42c1c871bbe154fd19af00f.tar.bz2
openbsd-8ab9e3c33c0dd587e42c1c871bbe154fd19af00f.zip
Avoid an overread caused by d2i_PrivateKey().
There are cases where the old_priv_decode() function can fail but consume bytes. This will result in the pp pointer being advanced, which causes d2i_PKCS8_PRIV_KEY_INFO() to be called with an advanced pointer and incorrect length. Fixes oss-fuzz #13803 and #14142. ok deraadt@ tb@
Diffstat (limited to 'src/lib/libc/crypt/arc4random.c')
0 files changed, 0 insertions, 0 deletions