Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-06 08:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix read at invalid address in X509 extension parser.

Browse source 
When encountering an extension unknown to OpenSSL, we would read from
the wrong memory location. Also added a testcase to prevent this specific
case from happening again.
This commit is contained in:
Johanna Amann 2018-06-04 11:43:20 -07:00
parent 19b893a5bc
commit a891517762
3 changed files with 16 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/file_analysis/analyzer/x509/X509Common.cc
View file

@ -244,7 +244,7 @@ void file_analysis::X509Common::ParseExtension(X509_EXTENSION* ex, EventHandlerP
int len = i2d_ASN1_OCTET_STRING(X509_EXTENSION_get_data(ex), &buf);
if ( len >=0 )
{
BIO_write(bio, &buf, len);
BIO_write(bio, buf, len);
OPENSSL_free(buf);
}
}