Commit 39a43280 authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Sanity check input length in OPENSSL_uni2asc(). 



Thanks to Hanno Böck for reporting this bug.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent cec0a002

crypto/pkcs12/p12_utl.c

+3 −1
Original line number Diff line number Diff line
@@ -42,7 +42,9 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen) 
{

    int asclen, i;

    char *asctmp;



    /* string must contain an even number of bytes */

    if (unilen & 1)

        return NULL;

    asclen = unilen / 2;

    /* If no terminating zero allow for one */

    if (!unilen || uni[unilen - 1])