CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2021/09/26 08:07:09
Modified files:
lib/libcrypto/x509: Tag: OPENBSD_6_8 x509_constraints.c
Log message:
Avoid a potential overread in x509_constraints_parse_mailbox()
The length checks need to be >= rather than > in order to ensure the string
remains NUL terminated. While here consistently check wi before using it
so we have the same idiom throughout this function.
Issue reported by GoldBinocle on GitHub.
ok deraadt@ tb@
this is 6.8 errata 031
