CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2022/03/28 02:19:15
Modified files:
usr.sbin/rpki-client: cms.c
Log message:
Fix error check of CMS_unsigned_get_addr_count()
According to RFC 5652, unsignedAttrs are a SET OF at least one member,
however the CMS code doesn't actually check for this. Since SET OF may
contain zero members in general, an empty set of unsignedAttrs would
be accepted. Catch this by explicitly checking for a -1 return value.
ok claudio
