You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@santuario.apache.org by sc...@apache.org on 2022/08/04 13:26:21 UTC
svn commit: r1903226 - /santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoX509.cpp
Author: scantor
Date: Thu Aug 4 13:26:20 2022
New Revision: 1903226
URL: http://svn.apache.org/viewvc?rev=1903226&view=rev
Log:
SANTUARIO-591 - Invalid read, possible buffer overflow
https://issues.apache.org/jira/browse/SANTUARIO-591
Modified:
santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoX509.cpp
Modified: santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoX509.cpp
URL: http://svn.apache.org/viewvc/santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoX509.cpp?rev=1903226&r1=1903225&r2=1903226&view=diff
==============================================================================
--- santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoX509.cpp (original)
+++ santuario/xml-security-cpp/trunk/xsec/enc/OpenSSL/OpenSSLCryptoX509.cpp Thu Aug 4 13:26:20 2022
@@ -163,8 +163,8 @@ void OpenSSLCryptoX509::loadX509Base64Bi
}
- m_DERX509.sbStrcpyIn(buf);
-
+ m_DERX509.sbMemcpyIn(buf, len);
+ m_DERX509[len] = '\0';
}
// Info functions