tnozaki / NetBSD / issues / #160 - [OpenSSL-1.0.2] TNF local patch - [N**BSD-PR/24458] openssl.cnf cannot correctly do variable substitution

Takehiko NOZAKI reporter

changed status to resolved

BUGFIX: Issue ~~#160~~ - [N**BSD-PR/24458] openssl.cnf cannot correctly do variable substitution

cherry-picked from OpenSSL-1_0_2-stable branch: https://github.com/openssl/openssl/commit/6a6213556a80ab0a9eb926a1d6023b8bf44f2afd

original commit message:

Fix out-of-memory condition in conf

conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion.

Credit to OSS-Fuzz for finding this problem.

Reviewed-by: Rich Salz rsalz@openssl.org Reviewed-by: Richard Levitte levitte@openssl.org (Merged from https://github.com/openssl/openssl/pull/2894) (cherry picked from commit 8a585601fea1091022034dd14b961c1ecd5916c3)

→ <<cset f41052fa54abcd73e6c4fccc0fd886b8194d5311>>

2019-07-09T08:51:14+00:00

Comments (1)

Takehiko NOZAKI reporter
- changed status to resolved
BUGFIX: Issue ~~#160~~ - [N**BSD-PR/24458] openssl.cnf cannot correctly do variable substitution

cherry-picked from OpenSSL-1_0_2-stable branch: https://github.com/openssl/openssl/commit/6a6213556a80ab0a9eb926a1d6023b8bf44f2afd

original commit message:

Fix out-of-memory condition in conf

conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion.

Credit to OSS-Fuzz for finding this problem.

Reviewed-by: Rich Salz rsalz@openssl.org Reviewed-by: Richard Levitte levitte@openssl.org (Merged from https://github.com/openssl/openssl/pull/2894) (cherry picked from commit 8a585601fea1091022034dd14b961c1ecd5916c3)

→ <<cset f41052fa54abcd73e6c4fccc0fd886b8194d5311>>
- 2019-07-09T08:51:14+00:00
Log in to comment