CVSROOT: /cvs Module name: src Changes by: dera...@cvs.openbsd.org 2021/09/26 08:07:40
Modified files: lib/libcrypto/x509: Tag: OPENBSD_6_9 x509_constraints.c Log message: Avoid a potential overread in x509_constraints_parse_mailbox() The length checks need to be >= rather than > in order to ensure the string remains NUL terminated. While here consistently check wi before using it so we have the same idiom throughout this function. Issue reported by GoldBinocle on GitHub. ok deraadt@ tb@ this is 6.9 errata 017