In the BIO_debug_callback function, we call BIO_snprintf which could return -1 
in the case of an error. However, there is no check for this condition, and so 
the subsequent code would subtract one from buf and write data there, 
overwriting the byte immediately before the static buffer.

This patch fixes the problem by checking for a negative return code from the 
first BIO_sprintf.



-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4649
Please log in as guest with password guest if prompted

Attachment: BIO_debug_callback.patch
Description: Binary data

-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
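The failure mode described in the report, reproduced as a stand-alone C program (an added example, not OpenSSL's code and not the attached patch). `fmt_or_neg1`, `log_unchecked`, `log_checked` and the guard-byte layout are hypothetical names and assumptions made for illustration; dropping the prefix on error is one assumed way to handle the negative return.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define BUF_SZ 16
#define GUARD  0x5A

/* Stand-in formatter (assumption): like the call in the report, it
 * returns -1 on error; here truncation also counts as an error. */
static int fmt_or_neg1(char *dst, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(dst, n, fmt, ap);
    va_end(ap);
    return (r < 0 || (size_t)r >= n) ? -1 : r;
}

/* mem[0] is a guard byte and the "static buffer" is mem + 1, so a write
 * to buf[-1] lands inside the same array and can be observed safely. */
static char mem[1 + BUF_SZ];
static void reset(void) { memset(mem, 0, sizeof mem); mem[0] = GUARD; }

/* Unchecked: the return value is used directly as an offset. */
static int log_unchecked(const char *tag, const char *msg)
{
    char *buf = mem + 1;
    reset();
    int len = fmt_or_neg1(buf, BUF_SZ, "[%s]: ", tag);
    char *p = buf + len;                  /* len == -1 gives p == buf - 1 */
    size_t room = (size_t)(BUF_SZ - len); /* and room grows by one byte */
    fmt_or_neg1(p, room, "%s", msg);
    return mem[0] == GUARD;               /* 1 = byte before buffer intact */
}

/* Checked: a negative return is handled before it becomes an offset. */
static int log_checked(const char *tag, const char *msg)
{
    char *buf = mem + 1;
    reset();
    int len = fmt_or_neg1(buf, BUF_SZ, "[%s]: ", tag);
    if (len < 0)
        len = 0;                          /* assumed handling: drop the prefix */
    fmt_or_neg1(buf + len, (size_t)(BUF_SZ - len), "%s", msg);
    return mem[0] == GUARD;
}

int main(void)
{
    const char *long_tag = "a-very-long-tag-name-here"; /* constructed input */
    printf("unchecked guard intact: %d\n", log_unchecked(long_tag, "read"));
    printf("checked guard intact:   %d\n", log_checked(long_tag, "read"));
    return 0;
}
```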