CVS: cvs.openbsd.org: src

Doug Hogan Sat, 25 Apr 2015 08:29:43 -0700

CVSROOT:        /cvs
Module name:    src
Changes by:     d...@cvs.openbsd.org    2015/04/25 09:28:47


Modified files:
        lib/libssl/src/ssl: bs_cbs.c 
        regress/lib/libssl/bytestring: bytestringtest.c 

Log message:
Check for invalid leading zeros in CBS_get_asn1_uint64.

ASN.1 integers cannot have all zeros or all ones for the first 9 bits.
This rule ensures the numbers are encoded with the smallest number of
content octets (see ITU-T Rec X.690 section 8.3.2).

Based on BoringSSL commit 5933723b7b592e9914f703d630b596e140c93e16

ok deraadt@ jsing@

CVS: cvs.openbsd.org: src

Reply via email to