mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-09 05:51:54 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix CVE-2022-3602 in punycode decoder.

Browse Source 
An off by one error in the punycode decoder allowed for a single unsigned int
overwrite of a buffer which could cause a crash and possible code execution.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit fe3b639dc1)
This commit is contained in:
Pauli 2022-10-27 10:21:41 +11:00 committed by Tomas Mraz
parent 89d7231132
commit 3b421ebc64
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/punycode.c
View File

@ -181,7 +181,7 @@ int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
n = n + i / (written_out + 1); n = n + i / (written_out + 1);
i %= (written_out + 1); i %= (written_out + 1);
if (written_out > max_out) if (written_out >= max_out)
return 0; return 0;
memmove(pDecoded + i + 1, pDecoded + i, memmove(pDecoded + i + 1, pDecoded + i,