Avoid out-of-bounds accesses in ASN1_BIT_STRING_{get,set}() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2023-12-25 22:02:59 +0000
committer	tb <>	2023-12-25 22:02:59 +0000
commit	a42068ce674b48e2f26710269f43fa6c18e895dc (patch)
tree	90d476cacff75c553be0c9a1bd40589eff75659d /src/lib/libcrypto/evp/p_lib.c
parent	4e938e1bcd14ffc64708396f95e6e91a09735e32 (diff)
download	openbsd-a42068ce674b48e2f26710269f43fa6c18e895dc.tar.gz openbsd-a42068ce674b48e2f26710269f43fa6c18e895dc.tar.bz2 openbsd-a42068ce674b48e2f26710269f43fa6c18e895dc.zip

Avoid out-of-bounds accesses in ASN1_BIT_STRING_{get,set}()

If a negative n is passed, these functions would underrun the bitstring's data array. So add checks for that and drop spades of unnecessary parens. These functions are quite broken anyway. The setter attempts to zap the unnecessary trailing zero octets, but fails to do so if the bit being cleared isn't already set. Worse is the getter where you can't tell an error (like attempting an out-of-bounds read) from the bit being unset. ok joshua

Diffstat (limited to 'src/lib/libcrypto/evp/p_lib.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: