openssl/fuzz/corpora
Matt Caswell aec9667bd1 Don't assume the type we read was the type we expected
i2v_GENERAL_NAME and GENERAL_NAME_print were assuming that the type of
of a GENERAL_NAME (OTHERNAME) that we read in was the type we expected
it to be. If its something else then this can cause unexpected
behaviour. In the added fuzz test case an OOB read was occurring.

This issue was recently added by commit 4baee2d.

Credit to OSSFuzz for finding this issue.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10300)
2019-11-04 12:49:19 +00:00
..
asn1 Update fuzz corpora 2018-08-23 22:08:08 +02:00
asn1parse Update fuzz corpora 2018-08-23 22:08:08 +02:00
bignum Update fuzz corpora 2018-08-23 22:08:08 +02:00
bndiv Update fuzz corpora 2018-08-23 22:08:08 +02:00
client Update fuzz corpora 2018-08-23 22:08:08 +02:00
cms Update fuzz corpora 2018-08-23 22:08:08 +02:00
conf Update fuzz corpora 2018-08-23 22:08:08 +02:00
crl Update fuzz corpora 2018-08-23 22:08:08 +02:00
ct Update fuzz corpora 2018-08-23 22:08:08 +02:00
server Update fuzz corpora 2018-08-23 22:08:08 +02:00
x509 Don't assume the type we read was the type we expected 2019-11-04 12:49:19 +00:00