]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8ddacec) | patch
Fix stack corruption in ui_read
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Sat, 13 May 2023 07:04:18 +0000 (09:04 +0200)
committerTomas Mraz <tomas@openssl.org>
Wed, 17 May 2023 10:09:23 +0000 (12:09 +0200)
commit0f90c4de9f58070a423003ec6b34ef1a9a670ec9
tree427e98baa69694dae1f010fccee413bef2576bdftree
parent8ddacec11481a37302c19f4454e23299af399f83commit | diff
Fix stack corruption in ui_read

This is an alternative to #20893

Additionally this fixes also a possible issue in UI_UTIL_read_pw:

When UI_new returns NULL, the result code would still be zero
as if UI_UTIL_read_pw succeeded, but the password buffer is left
uninitialized, with subsequent possible stack corruption or worse.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20957)

(cherry picked from commit a64c48cff88e032cf9513578493c4536df725a22)
crypto/ui/ui_lib.c diff | blob | blame | history
crypto/ui/ui_util.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git