CVE-2018-0739 CVE-2019-1563 CVE-2020-1971 CVE-2021-23840 CVE-2021-23841 CVE-2022-0778 CVE-2021-3712 (cherry picked from commit a582068887203f626772052e466343c6ef2d0719)
From 31c8b265591a0aaa462a1f3eb5770661aaac67db Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@openssl.org>
Date: Tue, 22 Aug 2017 11:44:41 -0400
Subject: [PATCH] Avoid out-of-bounds read
Fixes CVE 2017-3735
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4276)
(cherry picked from commit b23171744b01e473ebbfd6edad70c1c3825ffbcd)
---
crypto/x509v3/v3_addr.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/Cryptlib/OpenSSL/crypto/x509v3/v3_addr.c b/Cryptlib/OpenSSL/crypto/x509v3/v3_addr.c
index 1290dec9bb8..af080a04f2b 100644
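--- a/Cryptlib/OpenSSL/crypto/x509v3/v3_addr.c
+++ b/Cryptlib/OpenSSL/crypto/x509v3/v3_addr.c
@@ -130,10 +130,12 @@ static int length_from_afi(const unsigned afi)
 */
 unsigned int v3_addr_get_afi(const IPAddressFamily *f)
 {
- return ((f != NULL &&
- f->addressFamily != NULL && f->addressFamily->data != NULL)
- ? ((f->addressFamily->data[0] << 8) | (f->addressFamily->data[1]))
- : 0);
+ if (f == NULL
+ || f->addressFamily == NULL
+ || f->addressFamily->data == NULL
+ || f->addressFamily->length < 2)
+ return 0;
+ return (f->addressFamily->data[0] << 8) | f->addressFamily->data[1];
 }
 
 /*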
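Review bot: The `f->addressFamily->length < 2` test in v3_addr_get_afi has no comment tying the constant to the two octets read on the return line, so a later edit could relax it without noticing that it is the bounds check; I would add `/* AFI is two octets (data[0], data[1]); a shorter OCTET STRING taken from a certificate must not be indexed */` above the `if`. The function now returns 0 for a truncated addressFamily as well as for NULL input, so callers (outside this hunk) presumably need to treat 0 as an unknown family rather than a valid one; that is worth confirming. Any other place in this file that indexes `addressFamily->data` directly would need the same length check, and a regression test that parses an extension with a one-octet addressFamily would keep the fix pinned. The doc comment above the function starts outside the hunk, so whether it documents the 0 return is not visible here.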