diff options
| author | schwarze <> | 2024-12-23 09:05:27 +0000 | 
|---|---|---|
| committer | schwarze <> | 2024-12-23 09:05:27 +0000 | 
| commit | f22967b2fa35c97689f4724fc35c796ff789398f (patch) | |
| tree | 53d051d6c50bb3e5bbd2e0aa5a7e5f45b68f3f6d /src/lib/libssl/tls13_server.c | |
| parent | 2ecd3d9706475af4aad01456985713b88d13f3b5 (diff) | |
| download | openbsd-f22967b2fa35c97689f4724fc35c796ff789398f.tar.gz openbsd-f22967b2fa35c97689f4724fc35c796ff789398f.tar.bz2 openbsd-f22967b2fa35c97689f4724fc35c796ff789398f.zip | |
Fix the error handling in X509V3_parse_list(3); it ignored failures
of the internal subroutine X509V3_add_value(), which could result
in silently losing part of the input data on memory exhaustion.
I independently rediscovered this bug while writing the documentation,
then noticed after fixing it that Zhou Qingyang <zhou1615 at umn dot edu>
fixed it in essentially the same way in OpenSSL 3 (commit bcd5645b
on Apr 11 02:05:19 2022 +0800), but it wasn't backported to the
OpenSSL 1.1.1 branch.
OK tb@
Diffstat (limited to 'src/lib/libssl/tls13_server.c')
0 files changed, 0 insertions, 0 deletions
