Fix the error handling in X509V3_parse_list(3); it ignored failures - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	schwarze <>	2024-12-23 09:05:27 +0000
committer	schwarze <>	2024-12-23 09:05:27 +0000
commit	4d64565b055a8c6210e8b50ccc27e0c6a5473ece (patch)
tree	53d051d6c50bb3e5bbd2e0aa5a7e5f45b68f3f6d /src/usr.sbin
parent	91ac30d1f192fcfdf38e95c27804a08d2d07bbcb (diff)
download	openbsd-4d64565b055a8c6210e8b50ccc27e0c6a5473ece.tar.gz openbsd-4d64565b055a8c6210e8b50ccc27e0c6a5473ece.tar.bz2 openbsd-4d64565b055a8c6210e8b50ccc27e0c6a5473ece.zip

Fix the error handling in X509V3_parse_list(3); it ignored failures

of the internal subroutine X509V3_add_value(), which could result in silently losing part of the input data on memory exhaustion. I independently rediscovered this bug while writing the documentation, then noticed after fixing it that Zhou Qingyang <zhou1615 at umn dot edu> fixed it in essentially the same way in OpenSSL 3 (commit bcd5645b on Apr 11 02:05:19 2022 +0800), but it wasn't backported to the OpenSSL 1.1.1 branch. OK tb@

Diffstat (limited to 'src/usr.sbin')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: