Commit 13bacff9 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Sanity check input length in OPENSSL_uni2asc(). 



Thanks to Hanno Böck for reporting this bug.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(cherry picked from commit 39a43280)

Conflicts:
	crypto/pkcs12/p12_utl.c
parent e1be1dce

crypto/pkcs12/p12_utl.c

+4 −0
Original line number Diff line number Diff line
@@ -91,6 +91,10 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen) 
{

    int asclen, i;

    char *asctmp;



    /* string must contain an even number of bytes */

    if (unilen & 1)

        return NULL;

    asclen = unilen / 2;

    /* If no terminating zero allow for one */

    if (!unilen || uni[unilen - 1])