diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-08-05 17:59:32 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-08-05 18:58:56 +0100 |
commit | 39a43280316f1b9c45be5ac5b04f4f5c3f923686 (patch) | |
tree | 596e141dadc4e3c6e3ca17b3db9836c6fd951db8 /crypto/pkcs12 | |
parent | cec0a002ffebda5040f9a00ad0f67fbfad53b80f (diff) |
Sanity check input length in OPENSSL_uni2asc().
Thanks to Hanno Böck for reporting this bug.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/pkcs12')
-rw-r--r-- | crypto/pkcs12/p12_utl.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/crypto/pkcs12/p12_utl.c b/crypto/pkcs12/p12_utl.c index 408c495e50..c4feb90b9e 100644 --- a/crypto/pkcs12/p12_utl.c +++ b/crypto/pkcs12/p12_utl.c @@ -42,7 +42,9 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen) { int asclen, i; char *asctmp; - + /* string must contain an even number of bytes */ + if (unilen & 1) + return NULL; asclen = unilen / 2; /* If no terminating zero allow for one */ if (!unilen || uni[unilen - 1]) |