CVSROOT: /cvs
Module name: src
Changes by: js...@cvs.openbsd.org 2022/02/11 20:07:25
Modified files:
lib/libcrypto/asn1: asn1_par.c
Log message:
Avoid potential single byte overread in asn1_parse2().
A fix for this was previously commited in r1.32, however while this added
a bounds check the logic means we still fall through and perform the
overread. Fix the logic such that we only log the error if the bounds check
fails. While here, flip the test around such that we check for validity then
print (which is more readable and matches earlier code).
ok inoguchi@ tb@
