The branch OpenSSL_1_0_2-stable has been updated via f2bb6b8d81944261f65e3231f6eb707a9185162a (commit) from ec91c3db211c071248ef3a0b6dd9ef5ebdca5ab5 (commit)
- Log ----------------------------------------------------------------- commit f2bb6b8d81944261f65e3231f6eb707a9185162a Author: Matt Caswell <m...@openssl.org> Date: Wed May 16 11:59:47 2018 +0100 Fix undefined behaviour in X509_NAME_cmp() If the lengths of both names is 0 then don't attempt to do a memcmp. Issue reported by Simon Friedberger, Robert Merget and Juraj Somorovsky. Reviewed-by: Matthias St. Pierre <matthias.st.pie...@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/6291) (cherry picked from commit 511190b691183a1fb160e7e05e2974dc73cab0c6) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x509_cmp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 49c71b9..2d82f8f 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -219,7 +219,7 @@ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) ret = a->canon_enclen - b->canon_enclen; - if (ret) + if (ret != 0 || a->canon_enclen == 0) return ret; return memcmp(a->canon_enc, b->canon_enc, a->canon_enclen); _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits