CVSROOT: /cvs Module name: src Changes by: [email protected] 2022/01/04 13:17:07
Modified files:
lib/libcrypto/x509: x509_addr.c
Log message:
Add a length check to make_addressPrefix()
Make the callers pass in the afi so that make_addressPrefix() can check
prefixlen to be reasonable. If the afi is anything else than IPv4 or
IPv6, cap its length at the length needed for IPv6. This way we avoid
arbitrary out-of-bounds reads if the caller decides to pass in something
stupid.
ok inoguchi jsing
