Sanity check input length in OPENSSL_uni2asc().

Thanks to Hanno Böck for reporting this bug. Reviewed-by: N Rich Salz <rsalz@openssl.org>

Sanity check input length in OPENSSL_uni2asc().
Thanks to Hanno Böck for reporting this bug. Reviewed-by: N Rich Salz <rsalz@openssl.org>
39a43280 · Dr. Stephen Henson · cec0a002 · 39a43280
隐藏空白更改
内联并排

Showing with 3 addition and 1 deletion

crypto/pkcs12/p12_utl.c crypto/pkcs12/p12_utl.c +3 -1

未找到文件。
--- a/crypto/pkcs12/p12_utl.c
+++ b/crypto/pkcs12/p12_utl.c
@@ -42,7 +42,9 @@ char *OPENSSL_uni2asc(unsigned char *uni, int unilen)
 {
    int asclen, i;
    char *asctmp;
-
+    /* string must contain an even number of bytes */
+    if (unilen & 1)
+        return NULL;
    asclen = unilen / 2;
    /* If no terminating zero allow for one */
    if (!unilen || uni[unilen - 1])