Thanks for the answers,
I am going to change BIO_write to BIO_printf in my product for openssl.
And finally one question, NULL terminator is surely within the 128 bytes of
buffer?
regards,
Gopi.
--
View this message in context:
http://openssl.6102.n7.nabble.com/CVE-2016-2180-tp67815p68395.h
El d�a Friday, September 16, 2016 a las 08:57:30AM +0100, Matt Caswell escribi�:
> >> int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
> >>
> >> OBJ_obj2txt() converts the ASN1_OBJECT a into a textual representation. The
> >> representation is written as a null terminate
On 16/09/16 08:09, sivagopiraju wrote:
> And a small understanding.
>
> We are supplying buffer is about to 128 bytes to fill the converted message,
> So, if the obj(ASN1_OBJECT) size is more than that(supplied buffer) size
> OBJ_obj2txt will do truncate and will return the obj(ASN1_OBJECT) mess
And a small understanding.
We are supplying buffer is about to 128 bytes to fill the converted message,
So, if the obj(ASN1_OBJECT) size is more than that(supplied buffer) size
OBJ_obj2txt will do truncate and will return the obj(ASN1_OBJECT) message
length. It results in more than 128(returned l
On 16/09/16 08:05, Matthias Apitz wrote:
> El día Thursday, September 15, 2016 a las 10:35:34PM -0700, sivagopiraju
> escribió:
>
>> int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
>>
>> OBJ_obj2txt() converts the ASN1_OBJECT a into a textual representation. The
>> r
El día Thursday, September 15, 2016 a las 10:35:34PM -0700, sivagopiraju
escribió:
> int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
>
> OBJ_obj2txt() converts the ASN1_OBJECT a into a textual representation. The
> representation is written as a null terminated string
int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);
OBJ_obj2txt() converts the ASN1_OBJECT a into a textual representation. The
representation is written as a null terminated string to buf at most buf_len
bytes are written, truncating the result if necessary.* The total amo
El día Thursday, September 15, 2016 a las 09:00:07PM -0700, sivagopiraju
escribió:
> - int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
> -BIO_write(bio, obj_txt, len);
> -BIO_write(bio, "\n", 1);
> +OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
> +BIO_printf(bio, "%s\n
- int len = OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
-BIO_write(bio, obj_txt, len);
-BIO_write(bio, "\n", 1);
+OBJ_obj2txt(obj_txt, sizeof(obj_txt), obj, 0);
+BIO_printf(bio, "%s\n", obj_txt);
Here, used BIO_printf instead of BIO_write, is it solve the issue?
Can you pleas
On 15/09/16 11:44, sivagopiraju wrote:
> I can't upgrade at this stage for my product, So can you give me the fix if
> you have.
The fix for the 1.0.1 version is here:
https://github.com/openssl/openssl/commit/6adf409c7432b90c06d9890787fe56c48f2a16e7
As Rich said 1.0.0 is not supported so the
I can't upgrade at this stage for my product, So can you give me the fix if
you have.
--
View this message in context:
http://openssl.6102.n7.nabble.com/CVE-2016-2180-tp67815p68371.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
--
openssl-users mailing list
To unsubscri
I am using openssl-1.0.0e in my product. Here i want to know that OpenSSL is
CVE-2016-2180 vulnerable or not.
https://github.com/openssl/openssl/commit/0ed26acce328ec16a3aa635f1ca37365e8c7403a?diff=unified
In this page showing some information about CVE-2016-2180 vulnerability.
Actually i read s
:18 AM
To: openssl-users@openssl.org
Subject: [openssl-users] CVE-2016-2180
Hi OpenSSL team,
I am using openssl-1.0.0e in my product. Here i want to know that OpenSSL is
CVE-2016-2180 vulnerable or not.
https://github.com/openssl/openssl/commit/0ed26acce328ec16a3aa635f1ca37365e8c7403a?diff
Hi OpenSSL team,
I am using openssl-1.0.0e in my product. Here i want to know that OpenSSL
is CVE-2016-2180 vulnerable or not.
https://github.com/openssl/openssl/commit/0ed26acce328ec16a3aa635f1ca373
65e8c7403a?diff=unified
In this page showing some modifications to the function TS_OBJ_print_bio
14 matches
Mail list logo
