From: "Dr. Stephen Henson"
> [...] A simple workaround would be to copy
> argv into a malloced copy that is properly NULL terminated if you haven't done
> that already. As all the apps go through main() code in apps/openssl.c you
> should only need to change one place.
http://antinode.info
Hi,
Is TLS 1.2 protocol being implemented currently or is there a plan
for implementing it in the near future?
Thanks,
-Dharmendra
__
OpenSSL Project http://www.openssl.org
Development Mailing Li
From: "Dr. Stephen Henson"
> [...] A simple workaround would be to copy
> argv into a malloced copy that is properly NULL terminated if you haven't done
> that already. As all the apps go through main() code in apps/openssl.c you
> should only need to change one place.
That probably makes (mu
On Tue, Mar 08, 2011, Steven M. Schweda wrote:
>There seems to be some evidence that argv[] _should_ be
> NULL-terminated, which would seem to shift the the blame for the
> misbehavior of the "apps/" programs (on Alpha with 64-bit pointers) from
> programs themselves to HP's C compiler team.
>
OpenSSL version: 0.9.8o
You can see line 659 of apps/pkcs12.c blindly dereferences a possibly null
pointer.
Attached is a bomb.p12 file which will let you exercise the bug and a patch
that fixes it.
Warning: bomb.p12 may or may not be a valid PKCS12 file, it is early output
from new software,