Jared Beller
3 years ago
parent
bb9f3e73ac
commit
494882232c
@ -1,53 +0,0 @@ |
||||
Based on upstream https://github.com/openbsd/src/commit/62ceddea5b1d64a1a362bbb7071d9e15adcde6b1
|
||||
with paths switched to apply to libressl-portable and CVS header
|
||||
hunk removed.
|
||||
|
||||
--- a/crypto/x509/x509_constraints.c
|
||||
+++ b/crypto/x509/x509_constraints.c
|
||||
@@ -339,16 +339,16 @@
|
||||
if (c == '.')
|
||||
goto bad;
|
||||
}
|
||||
- if (wi > DOMAIN_PART_MAX_LEN)
|
||||
- goto bad;
|
||||
if (accept) {
|
||||
+ if (wi >= DOMAIN_PART_MAX_LEN)
|
||||
+ goto bad;
|
||||
working[wi++] = c;
|
||||
accept = 0;
|
||||
continue;
|
||||
}
|
||||
if (candidate_local != NULL) {
|
||||
/* We are looking for the domain part */
|
||||
- if (wi > DOMAIN_PART_MAX_LEN)
|
||||
+ if (wi >= DOMAIN_PART_MAX_LEN)
|
||||
goto bad;
|
||||
working[wi++] = c;
|
||||
if (i == len - 1) {
|
||||
@@ -363,7 +363,7 @@
|
||||
continue;
|
||||
}
|
||||
/* We are looking for the local part */
|
||||
- if (wi > LOCAL_PART_MAX_LEN)
|
||||
+ if (wi >= LOCAL_PART_MAX_LEN)
|
||||
break;
|
||||
|
||||
if (quoted) {
|
||||
@@ -383,6 +383,8 @@
|
||||
*/
|
||||
if (c == 9)
|
||||
goto bad;
|
||||
+ if (wi >= LOCAL_PART_MAX_LEN)
|
||||
+ goto bad;
|
||||
working[wi++] = c;
|
||||
continue; /* all's good inside our quoted string */
|
||||
}
|
||||
@@ -412,6 +414,8 @@
|
||||
}
|
||||
if (!local_part_ok(c))
|
||||
goto bad;
|
||||
+ if (wi >= LOCAL_PART_MAX_LEN)
|
||||
+ goto bad;
|
||||
working[wi++] = c;
|
||||
}
|
||||
if (candidate_local == NULL || candidate_domain == NULL)
|
||||
Loading…
Reference in new issue