From ac446f804f10dfa09dd8c5e483ded6d2ac7cdeb7 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sun, 20 Sep 2020 18:22:31 +0000
Subject: Correct a 1 byte read overflow in x509_contraints_uri and add regress
 to catch it in the future.

found by Guido Vranken's cryptofuzzer

ok tb@
---
 src/regress/lib/libcrypto/x509/constraints.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'src/regress/lib/libcrypto/x509/constraints.c')

diff --git a/src/regress/lib/libcrypto/x509/constraints.c b/src/regress/lib/libcrypto/x509/constraints.c
index 86ed8faf14..6e76f08113 100644
--- a/src/regress/lib/libcrypto/x509/constraints.c
+++ b/src/regress/lib/libcrypto/x509/constraints.c
@@ -152,6 +152,10 @@ unsigned char *invaliduri[] = {
 	"https://.www.openbsd.org/",
 	"https://www.ope|nbsd.org%",
 	"https://www.openbsd.org.#",
+	"///",
+	"//",
+	"/",
+	"",
 	NULL,
 };
 
-- 
cgit v1.2.3-55-g6feb