ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.
Issue reported by Guido Vranken.
CVE-2016-2176
Reviewed-by: Andy Polyakov <appro@openssl.org>

Sanity check field lengths and sums to avoid potential overflows and reject
excessively large X509_NAME structures.
Issue reported by Guido Vranken.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 9b08619cb45e75541809b1154c90e1a00450e537)
Conflicts:
crypto/x509/x509.h
crypto/x509/x509_err.c

Reject zero length buffers passed to X509_NAME_oneline().
Issue reported by Guido Vranken.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit b33d1141b6dcce947708b984c5e9e91dad3d675d)
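
The checks the two commit messages above describe (sanity-checking field lengths and their sum, and rejecting zero-length buffers), as an added C sketch that is not OpenSSL's code. The names `name_oneline`, `struct field` and the `ONELINE_MAX` cap are hypothetical, and the sketch rejects output that does not fit instead of truncating it.

```c
#include <stdio.h>
#include <string.h>

#define ONELINE_MAX (1024 * 1024)   /* assumed cap, not a value from the page */

struct field { const char *type; const unsigned char *val; int len; };

/* Writes "/type=value" for each field. Returns the bytes written
 * (excluding the NUL), or -1 if the input is rejected. */
int name_oneline(const struct field *f, int n, char *buf, int buflen)
{
    int i, total = 0, pos = 0;

    if (buf == NULL || buflen <= 0)            /* zero-length buffer */
        return -1;
    for (i = 0; i < n; i++) {                  /* pass 1: validate only */
        size_t tl = strlen(f[i].type);
        int need;
        if (f[i].len < 0 || f[i].len > ONELINE_MAX || tl > ONELINE_MAX)
            return -1;                         /* single field too large */
        need = 2 + (int)tl + f[i].len;         /* '/' + type + '=' + value */
        if (need > ONELINE_MAX - total)        /* test the sum before adding */
            return -1;
        total += need;
    }
    if (total >= buflen)                       /* no room for data plus NUL */
        return -1;
    for (i = 0; i < n; i++) {                  /* pass 2: copy by declared length */
        size_t tl = strlen(f[i].type);
        buf[pos++] = '/';
        memcpy(buf + pos, f[i].type, tl);
        pos += (int)tl;
        buf[pos++] = '=';
        memcpy(buf + pos, f[i].val, (size_t)f[i].len);
        pos += f[i].len;
    }
    buf[pos] = '\0';
    return pos;
}

int main(void)
{
    /* constructed sample name */
    struct field f[] = { { "C", (const unsigned char *)"US", 2 },
                         { "CN", (const unsigned char *)"example", 7 } };
    char out[64];
    int r = name_oneline(f, 2, out, (int)sizeof out);
    printf("%d %s\n", r, r >= 0 ? out : "(rejected)");
    return 0;
}
```
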
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages. That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.
This change includes all the name changes needed throughout all C files.

Win32 version of rename() ). There isn't a precise rename() equivalent under
Win95: the standard rename() complains if the destination already exists so
replaced with a combination of unlink() and MoveFile().