The branch OpenSSL_1_0_1-stable has been updated via 5db2a579b72b94aa0dacb08530768a1a5759237d (commit) from c648bdcc4cd8a7d1699081d339ff33deda69a3be (commit)
- Log ----------------------------------------------------------------- commit 5db2a579b72b94aa0dacb08530768a1a5759237d Author: Dr. Stephen Henson <st...@openssl.org> Date: Tue Aug 2 23:53:41 2016 +0100 Calculate sequence length properly. Use correct length in old ASN.1 indefinite length sequence decoder (only used by SSL_SESSION). This bug was discovered by Hanno Böck using libfuzzer. Reviewed-by: Rich Salz <rs...@openssl.org> (cherry picked from commit 436dead2e2a157fa501a7538a77b6078391b477f) ----------------------------------------------------------------------- Summary of changes: crypto/asn1/asn1_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 8752654..80f5f2b 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -328,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length) return (0); } if (c->inf == (1 | V_ASN1_CONSTRUCTED)) - c->slen = *length + *(c->pp) - c->p; + c->slen = *length; c->eos = 0; return (1); } _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits