- changed status to resolved
[OpenSSL-1.0.2] TNF local patch - [N**BSD-PR/24458] openssl.cnf cannot correctly do variable substitution
Issue #160
resolved
original N**BSD-PR:
https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=24458
Comments (1)
-
reporter - Log in to comment
BUGFIX: Issue
- [N**BSD-PR/24458] openssl.cnf cannot correctly do variable substitution#160cherry-picked from OpenSSL-1_0_2-stable branch: https://github.com/openssl/openssl/commit/6a6213556a80ab0a9eb926a1d6023b8bf44f2afd
original commit message:
Fix out-of-memory condition in conf
conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion.
Credit to OSS-Fuzz for finding this problem.
Reviewed-by: Rich Salz rsalz@openssl.org Reviewed-by: Richard Levitte levitte@openssl.org (Merged from https://github.com/openssl/openssl/pull/2894) (cherry picked from commit 8a585601fea1091022034dd14b961c1ecd5916c3)
→ <<cset f41052fa54abcd73e6c4fccc0fd886b8194d5311>>