CVSROOT: /cvs Module name: src Changes by: [email protected] 2023/02/21 03:18:47
Modified files:
usr.sbin/rpki-client: cert.c cms.c crl.c
Log message:
rpki-client: ensure there is no trailing garbage in signed objects
The d2i functions are designed in such a way that the caller is responsible
to check if the entire buffer was consumed. Add checks on deserializing a
signed object to ensure the entire file has been consumed. Reject the file
if it has trailing garbage.
found by & ok job, ok claudio
