Add a length check to make_addressPrefix() - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2022-01-04 20:17:07 +0000
committer	tb <>	2022-01-04 20:17:07 +0000
commit	d235f330b93d8c591156c615050f255e26f6c1fa (patch)
tree	41e77008e192a5ddf738116c0af4c65c872f0282 /src/lib/libssl/tls13_server.c
parent	30d458cb83a34a6210684724a11baa6273482c46 (diff)
download	openbsd-d235f330b93d8c591156c615050f255e26f6c1fa.tar.gz openbsd-d235f330b93d8c591156c615050f255e26f6c1fa.tar.bz2 openbsd-d235f330b93d8c591156c615050f255e26f6c1fa.zip

Add a length check to make_addressPrefix()

Make the callers pass in the afi so that make_addressPrefix() can check prefixlen to be reasonable. If the afi is anything else than IPv4 or IPv6, cap its length at the length needed for IPv6. This way we avoid arbitrary out-of-bounds reads if the caller decides to pass in something stupid. ok inoguchi jsing

Diffstat (limited to 'src/lib/libssl/tls13_server.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: