mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
Fix CVE-2022-3602 in punycode decoder.
An off by one error in the punycode decoder allowed for a single unsigned int overwrite of a buffer which could cause a crash and possible code execution. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
This commit is contained in:
parent
4bae06d47a
commit
fe3b639dc1
@ -181,7 +181,7 @@ int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
|
||||
n = n + i / (written_out + 1);
|
||||
i %= (written_out + 1);
|
||||
|
||||
if (written_out > max_out)
|
||||
if (written_out >= max_out)
|
||||
return 0;
|
||||
|
||||
memmove(pDecoded + i + 1, pDecoded + i,
|
||||
|
Loading…
Reference in New Issue
Block a user