]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c40195b)
UTF8_getc(): Fail with UTF8 values outside UNICODE_LIMIT
authorTomas Mraz <tomas@openssl.org>
Tue, 11 Nov 2025 09:08:30 +0000 (10:08 +0100)
committerTomas Mraz <tomas@openssl.org>
Fri, 14 Nov 2025 08:19:55 +0000 (09:19 +0100)
Reported by Aniruddhan Murali

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29119)

(cherry picked from commit 7deeeb950be7b32a2407fdc37864b23b5b8797bd)

crypto/asn1/a_utf8.c patch | blob | blame | history

diff --git a/crypto/asn1/a_utf8.c b/crypto/asn1/a_utf8.c
index 6572726cf1e5a89c09ab238d775e21c40272fe46..0a6024ffa454e513e14b16676b8990aec565cdc2 100644 (file)
--- a/crypto/asn1/a_utf8.c
+++ b/crypto/asn1/a_utf8.c
@@ -73,7 +73,7 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
         value |= (*p++ & 0x3f) << 12;
         value |= (*p++ & 0x3f) << 6;
         value |= *p++ & 0x3f;
-        if (value < 0x10000)
+        if (value < 0x10000 || value >= UNICODE_LIMIT)
             return -4;
         ret = 4;
     } else
Mirror of https://github.com/openssl/openssl.git