The add_cert_dir() function in openssl/crypto/x509/by_dir.c is broken. There is a loop to detect duplicate entries, but its results are ignored; it will also go out of bounds on some malformed parameters.
See also https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=206346

Patches against 0.9.8 and CVS attached.

--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List
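The two defect classes named in the report (a duplicate check whose result is never used, and out-of-bounds access on malformed list input) are illustrated below by an added example. It is not OpenSSL's code and not the attached patch. The `dir_list` type, the function names and the `:` separator are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define SEP ':' /* assumed list separator for this sketch */

struct dir_list { char **dirs; size_t num, cap; }; /* hypothetical type */

/* Returns 1 if the len-byte name at s is already stored (exact match only). */
static int dir_known(const struct dir_list *l, const char *s, size_t len)
{
    for (size_t j = 0; j < l->num; j++)
        if (strlen(l->dirs[j]) == len && memcmp(l->dirs[j], s, len) == 0)
            return 1;
    return 0;
}

/* Adds each new entry of a SEP-separated list.
   Returns the number of entries added, or -1 on bad input or allocation failure. */
int dir_list_add(struct dir_list *l, const char *list)
{
    int added = 0;
    if (l == NULL || list == NULL || *list == '\0')
        return -1;
    for (const char *s = list;;) {
        const char *e = strchr(s, SEP);
        size_t len = e ? (size_t)(e - s) : strlen(s);
        /* Empty segments ("a::b", trailing ':') are skipped, and the
           duplicate check's result decides whether the entry is stored. */
        if (len > 0 && !dir_known(l, s, len)) {
            if (l->num == l->cap) { /* grow before writing the new slot */
                size_t ncap = l->cap + 10;
                char **nd = realloc(l->dirs, ncap * sizeof(*nd));
                if (nd == NULL)
                    return -1;
                l->dirs = nd;
                l->cap = ncap;
            }
            char *copy = malloc(len + 1);
            if (copy == NULL)
                return -1;
            memcpy(copy, s, len);
            copy[len] = '\0';
            l->dirs[l->num++] = copy;
            added++;
        }
        if (e == NULL)
            break;
        s = e + 1;
    }
    return added;
}
```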
