Skip to content
Commit ea96ad5a authored by Matt Caswell's avatar Matt Caswell
Browse files

Prevent EBCDIC overread for very long strings



ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.

Issue reported by Guido Vranken.

CVE-2016-2176

Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
parent 3f358213
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment