mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
Fix CVE-2022-3602 in punycode decoder.
An off by one error in the punycode decoder allowed for a single unsigned int
overwrite of a buffer which could cause a crash and possible code execution.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit fe3b639dc1
)
This commit is contained in:
parent
89d7231132
commit
3b421ebc64
@ -181,7 +181,7 @@ int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
|
||||
n = n + i / (written_out + 1);
|
||||
i %= (written_out + 1);
|
||||
|
||||
if (written_out > max_out)
|
||||
if (written_out >= max_out)
|
||||
return 0;
|
||||
|
||||
memmove(pDecoded + i + 1, pDecoded + i,
|
||||
|
Loading…
Reference in New Issue
Block a user