diff options
author | tb <> | 2021-12-28 15:59:13 +0000 |
---|---|---|
committer | tb <> | 2021-12-28 15:59:13 +0000 |
commit | 77605a5406d4a8081d34a468e122e41a06870c06 (patch) | |
tree | bfdc765c3802af50aa51ec0046deaae839512b03 /src/lib/libcrypto/cms | |
parent | c663a0ac3bd396fb1578e66a3027506bc57394e4 (diff) | |
download | openbsd-77605a5406d4a8081d34a468e122e41a06870c06.tar.gz openbsd-77605a5406d4a8081d34a468e122e41a06870c06.tar.bz2 openbsd-77605a5406d4a8081d34a468e122e41a06870c06.zip |
Check for trailing garbage in X509_addr_get_afi()
Per RFC 3779 2.2.3.3, the addressFamily field contains the 2-byte AFI
and an optional 1-byte SAFI. Nothing else. The optional SAFI is nowhere
exposed in the API. It is used expliclty only for pretty printing. There
are implicit uses in a few places, notably for sorting/comparing where
trailing garbage would be erroneously taken into account.
Erroring in this situation will let us avoid this in upcoming revisions.
ok inoguchi jsing
Diffstat (limited to 'src/lib/libcrypto/cms')
0 files changed, 0 insertions, 0 deletions