git.ipfire.org Git - thirdparty/openssl.git/commit
Fix heap-buffer-overflow in CI fuzzing tests
author Bernd Edlinger <bernd.edlinger@hotmail.de>
Tue, 21 Oct 2025 11:42:00 +0000 (13:42 +0200)
committer Neil Horman <nhorman@openssl.org>
Tue, 21 Oct 2025 19:24:44 +0000 (15:24 -0400)
commit dfc6f643c09aba831d4856597ef9633dda2fb6c4
tree f2f55dc1f7ec86bdbc2a2fb21e1b1a8fc4d3d4a1
parent a5a7cc7593785bd7b8d790d8fb6c204cd2c265a7
Fix heap-buffer-overflow in CI fuzzing tests

The ASN1_STRING is not supposed to be used as a
zero-terminated string.  Therefore we need to check
the string length explicitly and use memcmp instead of
strcmp in ossl_x509_check_cert_time.

Fixes a regression introduced by #28623

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28962)
crypto/x509/x509_vfy.c
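
The pattern the commit message describes (explicit length check plus memcmp instead of strcmp), as an added example that is not the OpenSSL code from this commit. `struct lv_string`, the function names and the timestamp values are assumptions constructed for illustration; the struct only mimics a length-delimited string such as ASN1_STRING.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a length-delimited string: `data` holds exactly
 * `length` bytes and is NOT guaranteed to end in '\0'. */
struct lv_string { int length; unsigned char *data; };

/* Unsafe pattern, shown for contrast and never called here: strcmp() reads
 * until it meets a NUL, so on an unterminated buffer it runs off the end of
 * the heap allocation, and it also stops early at an embedded NUL. */
int lv_equals_unsafe(const struct lv_string *s, const char *lit)
{
    return strcmp((const char *)s->data, lit) == 0;
}

/* Bounded comparison: lengths must match, then compare exactly n bytes. */
int lv_equals(const struct lv_string *s, const char *lit)
{
    size_t n = strlen(lit);

    if (s == NULL || s->data == NULL || s->length < 0 || (size_t)s->length != n)
        return 0;
    return memcmp(s->data, lit, n) == 0;
}

/* Constructed sample: copy `len` bytes into a heap buffer of exactly that
 * size (no room for a terminator), then run the bounded comparison. */
int check_sample(const char *bytes, int len, const char *lit)
{
    struct lv_string s;
    int r;

    s.length = len;
    s.data = malloc((size_t)len);
    if (s.data == NULL)
        return -1;
    memcpy(s.data, bytes, (size_t)len);
    r = lv_equals(&s, lit);
    free(s.data);
    return r;
}

int main(void)
{
    printf("%d\n", check_sample("20251021114200Z", 15, "20251021114200Z"));
    printf("%d\n", check_sample("20251021114200Z", 14, "20251021114200Z"));
    printf("%d\n", check_sample("2025\0junk", 9, "2025"));
    return 0;
}
```

Building with `-fsanitize=address` and swapping in `lv_equals_unsafe` on the unterminated buffer is a way to reproduce the class of report the commit title refers to.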