Dear all,
another case where NULL should be handled is asn1_multi(). It looks like
sk = sk_ASN1_TYPE_new_null();
[...]
sk_ASN1_TYPE_push(sk, typ);
sk_ASN1_TYPE_push() is defined as sk_push(), which dereferences sk. A
simple patch is attached.
Best regards,
Martin
diff --git
Dear all,
I think the following snippet from OBJ_obj2txt() is missing a NULL-pointer
check.
s=OBJ_nid2ln(nid);
if (s == NULL)
s=OBJ_nid2sn(nid);
if (buf)
BUF_strlcpy(buf,s,buf_len);
OBJ_nid2sn() may
On Tue, Nov 03, 2009 at 10:09:04AM +0100, Martin Kaiser via RT wrote:
> If the parameter has neither ln nor sn, I suggest that -1 is returned.
>
> The attached short patch against today's snapshot fixes this problem
>
Thinking about this again, would it make sense to add an error to the
queue l
On Fri, 2009-10-30 at 18:11 +0100, Robin Seggelmann via RT wrote:
> DTLS fragmentation doesn't consider the additional data required with
> using encryption, so the packet size then exceeds the MTU when
> fragmentation is performed. This patch subtracts the size of the mac
> and the additiona