CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/04/25 09:28:47
Modified files:
lib/libssl/src/ssl: bs_cbs.c
regress/lib/libssl/bytestring: bytestringtest.c
Log message:
Check for invalid leading zeros in CBS_get_asn1_uint64.
ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).
Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16
ok deraadt@ jsing@
