Fix the error handling in X509V3_parse_list(3); it ignored failures - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	schwarze <>	2024-12-23 09:05:27 +0000
committer	schwarze <>	2024-12-23 09:05:27 +0000
commit	f22967b2fa35c97689f4724fc35c796ff789398f (patch)
tree	53d051d6c50bb3e5bbd2e0aa5a7e5f45b68f3f6d /src/lib/libcrypto/stack
parent	2ecd3d9706475af4aad01456985713b88d13f3b5 (diff)
download	openbsd-f22967b2fa35c97689f4724fc35c796ff789398f.tar.gz openbsd-f22967b2fa35c97689f4724fc35c796ff789398f.tar.bz2 openbsd-f22967b2fa35c97689f4724fc35c796ff789398f.zip

Fix the error handling in X509V3_parse_list(3); it ignored failures

of the internal subroutine X509V3_add_value(), which could result in silently losing part of the input data on memory exhaustion. I independently rediscovered this bug while writing the documentation, then noticed after fixing it that Zhou Qingyang <zhou1615 at umn dot edu> fixed it in essentially the same way in OpenSSL 3 (commit bcd5645b on Apr 11 02:05:19 2022 +0800), but it wasn't backported to the OpenSSL 1.1.1 branch. OK tb@

Diffstat (limited to 'src/lib/libcrypto/stack')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: