Skip to content
Commit ee763495 authored by Matt Caswell's avatar Matt Caswell
Browse files

Sanity check the ticket length before using key name/IV



This could in theory result in an overread - but due to the over allocation
of the underlying buffer does not represent a security issue.

Thanks to Fedor Indutny for reporting this issue.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarBen Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5414)
parent c7a47adc
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment