Skip to content
Commit 29195161 authored by Matt Caswell's avatar Matt Caswell
Browse files

Prevent EBCDIC overread for very long strings



ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.

Issue reported by Guido Vranken.

CVE-2016-2176

Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
parent 56ea2245
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment