summaryrefslogtreecommitdiffstats
path: root/e_os.h
diff options
context:
space:
mode:
authorPauli <pauli@openssl.org>2022-10-27 10:22:47 +1100
committerTomas Mraz <tomas@openssl.org>2022-11-01 10:49:18 +0100
commitc42165b5706e42f67ef8ef4c351a9a4c5d21639a (patch)
treec7d42a14c7edb88971fb1f8feb8353870b242ffc /e_os.h
parentfe3b639dc19b325846f4f6801f2f4604f56e3de3 (diff)
Fix CVE-2022-3786 in punycode decoder.
Fixed the ossl_a2ulabel() function which also contained a potential buffer overflow, albeit without control of the contents. This overflow could result in a crash (causing a denial of service). The function also did not NUL-terminate the output in some cases. The two issues fixed here were dentified and reported by Viktor Dukhovni while researching CVE-2022-3602. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
Diffstat (limited to 'e_os.h')
0 files changed, 0 insertions, 0 deletions