And a small understanding: we are supplying a buffer of about 128 bytes to hold the converted message. So, if the obj (ASN1_OBJECT) size is more than the supplied buffer size, OBJ_obj2txt will truncate and will return the obj (ASN1_OBJECT) message length. That results in more than 128 bytes (the returned length). Because of this, the crash is happening. Or, in which scenario does OBJ_obj2txt() truncate the supplied message?

--
View this message in context: http://openssl.6102.n7.nabble.com/CVE-2016-2180-tp67815p68392.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
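The truncation behaviour described in the post, as an added example (not code from the original post or from OpenSSL): `fake_obj2txt` is a hypothetical stand-in that copies at most `buf_len - 1` bytes but returns the full length the text needs, and `overread_bytes`, `safe_txt_len` and `demo` are illustrative helper names. It shows how many bytes lie past a 128-byte buffer when the returned length is used unchecked as the byte count, and the clamp a caller applies before using it.

```c
#include <stdio.h>
#include <string.h>
#define OBJ_TXT_LEN 128 /* buffer size mentioned in the post */

/* Hypothetical stand-in for OBJ_obj2txt(): copies at most buf_len - 1 bytes
 * plus a NUL, but returns the length the complete text would need. */
static int fake_obj2txt(char *buf, int buf_len, const char *full_text)
{
    int need = (int)strlen(full_text);
    if (buf != NULL && buf_len > 0) {
        int n = need < buf_len - 1 ? need : buf_len - 1;
        memcpy(buf, full_text, (size_t)n);
        buf[n] = '\0';
    }
    return need;
}

/* Bytes read past the buffer if the caller emits `ret` bytes unchecked. */
static int overread_bytes(int ret, int buf_len)
{
    return ret > buf_len ? ret - buf_len : 0;
}

/* Bytes of the buffer that are safe to emit; -1 on error. */
static int safe_txt_len(int ret, int buf_len)
{
    if (ret < 0 || buf_len <= 0) return -1;
    return ret < buf_len ? ret : buf_len - 1;
}

/* Converts a constructed text of text_len bytes through a 128-byte buffer. */
static int demo(int text_len, int *overread)
{
    char full[512], obj_txt[OBJ_TXT_LEN];
    if (text_len < 0 || text_len >= (int)sizeof(full)) return -1;
    for (int i = 0; i < text_len; i++) full[i] = (i % 2) ? '.' : '1';
    full[text_len] = '\0';
    int ret = fake_obj2txt(obj_txt, (int)sizeof(obj_txt), full);
    *overread = overread_bytes(ret, (int)sizeof(obj_txt));
    int n = safe_txt_len(ret, (int)sizeof(obj_txt));
    return (n >= 0 && (size_t)n == strlen(obj_txt)) ? n : -1;
}

int main(void)
{
    int over = 0, n = demo(300, &over);
    printf("safe=%d overread=%d\n", n, over);
    return 0;
}
```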