Build Update for mouse07410/openssl
-------------------------------------
Build: #17
Status: Broken
Duration: 19 minutes and 20 seconds
Commit: a004e72 (OpenSSL_1_0_2-stable)
Author: Matt Caswell
Message: Avoid some undefined pointer arithmetic
A common idiom in the codebase is:
if (p + len > limit)
{
return; /* Too long */
}
Where "p" points to some malloc'd data of SIZE bytes and
limit == p + SIZE
"len" here could be from some externally supplied data (e.g. from a TLS
message).
The rules of C pointer arithmetic are such that "p + len" is only well
defined where len <= SIZE. Therefore the above idiom is actually
undefined behaviour.
For example this could cause problems if some malloc implementation
provides an address for "p" such that "p + len" actually overflows for
values of len that are too big and therefore p + len < limit!
Issue reported by Guido Vranken.
CVE-2016-2177
Reviewed-by: Rich Salz <[email protected]>
View the changeset:
https://github.com/mouse07410/openssl/compare/f792c663048f...a004e72b9583
View the full build log and details:
https://travis-ci.org/mouse07410/openssl/builds/134761268
--
You can configure recipients for build notifications in your .travis.yml file.
See https://docs.travis-ci.com/user/notifications
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
