CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2021/12/28 08:59:13
Modified files:
lib/libcrypto/x509: x509_addr.c
Log message:
Check for trailing garbage in X509_addr_get_afi()
Per RFC 3779 2.2.3.3, the addressFamily field contains the 2-byte AFI
and an optional 1-byte SAFI. Nothing else. The optional SAFI is nowhere
exposed in the API. It is used expliclty only for pretty printing. There
are implicit uses in a few places, notably for sorting/comparing where
trailing garbage would be erroneously taken into account.
Erroring in this situation will let us avoid this in upcoming revisions.
ok inoguchi jsing
