Avoid type errors in EAI-related name check logic. - openssl

diff options

author	Viktor Dukhovni <viktor@openssl.org>	2024-06-19 13:04:11 +0200
committer	Tomas Mraz <tomas@openssl.org>	2024-09-03 11:58:40 +0200
commit	0890cd13d40fbc98f655f3974f466769caa83680 (patch)
tree	5b1d7322e3324714104f36b75fb6879083d8b493 /CHANGES.md
parent	Add CHANGES.md and NEWS.md updates for the 3.4 release (diff)
download	openssl-0890cd13d40fbc98f655f3974f466769caa83680.tar.xz openssl-0890cd13d40fbc98f655f3974f466769caa83680.zip

Avoid type errors in EAI-related name check logic.

The incorrectly typed data is read only, used in a compare operation, so neither remote code execution, nor memory content disclosure were possible. However, applications performing certificate name checks were vulnerable to denial of service. The GENERAL_TYPE data type is a union, and we must take care to access the correct member, based on `gen->type`, not all the member fields have the same structure, and a segfault is possible if the wrong member field is read. The code in question was lightly refactored with the intent to make it more obviously correct. Fixes CVE-2024-6119 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>

Diffstat (limited to 'CHANGES.md')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: