Avoid out-of-bounds accesses in ASN1_BIT_STRING_{get,set}() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2023-12-25 22:02:59 +0000
committer	tb <>	2023-12-25 22:02:59 +0000
commit	73b7427c3c99104d3110af3bddc5fa8049963cd7 (patch)
tree	90d476cacff75c553be0c9a1bd40589eff75659d /src/lib/libc
parent	6fbc05f87ce487143e055a99f6450628fef7d792 (diff)
download	openbsd-73b7427c3c99104d3110af3bddc5fa8049963cd7.tar.gz openbsd-73b7427c3c99104d3110af3bddc5fa8049963cd7.tar.bz2 openbsd-73b7427c3c99104d3110af3bddc5fa8049963cd7.zip

Avoid out-of-bounds accesses in ASN1_BIT_STRING_{get,set}()

If a negative n is passed, these functions would underrun the bitstring's data array. So add checks for that and drop spades of unnecessary parens. These functions are quite broken anyway. The setter attempts to zap the unnecessary trailing zero octets, but fails to do so if the bit being cleared isn't already set. Worse is the getter where you can't tell an error (like attempting an out-of-bounds read) from the bit being unset. ok joshua

Diffstat (limited to 'src/lib/libc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: