Fix length checks in X509_cmp_time to avoid out-of-bounds reads. (370ac320) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 370ac320 authored Apr 08, 2015 by

Emilia Kasper Committed by Matt Caswell Jun 11, 2015

Fix length checks in X509_cmp_time to avoid out-of-bounds reads.



Also tighten X509_cmp_time to reject more than three fractional
seconds in the time; and to reject trailing garbage after the offset.

CVE-2015-1789

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

parent dd90a91d

Hide whitespace changes

Inline Side-by-side

Please register or to comment