Skip to main content
Revision 361071993182c0a37d421e2ea9a1f84ec4f1ac4f authored by Matt Caswell on 19 May 2015, 12:59:47 UTC, committed by Matt Caswell on 04 June 2015, 08:26:43 UTC
Fix off-by-one error in BN_bn2hex
A BIGNUM can have the value of -0. The function BN_bn2hex fails to account
for this and can allocate a buffer one byte too short in the event of -0
being used, leading to a one byte buffer overrun. All usage within the
OpenSSL library is considered safe. Any security risk is considered
negligible.

With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and
Filip Palian for discovering and reporting this issue.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit c56353071d9849220714d8a556806703771b9269)

Conflicts:
	crypto/bn/bn_print.c
1 parent af3aa2b
History
FileModeSize
MacOS
Netware
VMS
apps
bugs
certs
crypto
demos
doc
engines
include
ms
os2
perl
shlib
ssl
test
times
tools
util
.cvsignore -rw-r--r--193 bytes
.gitignore -rw-r--r--1.7 KB
ACKNOWLEDGMENTS -rw-r--r--1.0 KB
CHANGES -rw-r--r--456.3 KB
CHANGES.SSLeay -rw-r--r--41.7 KB
Configure -rwxr-xr-x108.7 KB
FAQ -rw-r--r--45.7 KB
GitConfigure -rwxr-xr-x207 bytes
GitMake -rwxr-xr-x81 bytes
INSTALL -rw-r--r--14.3 KB
INSTALL.DJGPP -rw-r--r--2.0 KB
INSTALL.MacOS -rw-r--r--3.2 KB
INSTALL.NW -rw-r--r--18.4 KB
INSTALL.OS2 -rw-r--r--744 bytes
INSTALL.VMS -rw-r--r--10.7 KB
INSTALL.W32 -rw-r--r--11.6 KB
INSTALL.W64 -rw-r--r--2.1 KB
INSTALL.WCE -rw-r--r--3.2 KB
LICENSE -rw-r--r--6.1 KB
Makefile.org -rw-r--r--22.7 KB
Makefile.shared -rw-r--r--21.4 KB
NEWS -rw-r--r--30.1 KB
PROBLEMS -rw-r--r--8.5 KB
README -rw-r--r--7.7 KB
README.ASN1 -rw-r--r--7.5 KB
README.ENGINE -rw-r--r--15.7 KB
TABLE -rw-r--r--171.0 KB
config -rwxr-xr-x28.4 KB
e_os.h -rw-r--r--24.7 KB
e_os2.h -rw-r--r--10.7 KB
install.com -rw-r--r--3.6 KB
makevms.com -rwxr-xr-x39.2 KB
openssl.doxy -rw-r--r--137 bytes
openssl.spec -rw-r--r--7.7 KB

README

back to top