    Fix for bug#50227: Pre-auth buffer-overflow in mySQL through yaSSL · 495810cd
    Ramil Kalimullin authored
    Problem: when copying the issuer's (or subject's) name tags into an internal
    buffer from the incoming stream, we didn't check for buffer overflow.
    That may lead to memory overrun, crash, etc.
    
    Fix: ensure we don't overrun the buffer.
    
    Note: there's no simple test case (exploit needed).
    
    
    extra/yassl/taocrypt/include/asn.hpp:
      Fix for bug#50227: Pre-auth buffer-overflow in mySQL through yaSSL
        - CertDecoder::AddTag() introduced.
    extra/yassl/taocrypt/src/asn.cpp:
      Fix for bug#50227: Pre-auth buffer-overflow in mySQL through yaSSL
        - when copying data from the incoming stream to the issuer_ or subject_
      buffers, ensure we don't overrun them.
        - code cleanup.
asn.cpp 26.4 KB
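
The kind of bounds check the commit message describes, shown as an added C++ example; it is not the yaSSL code and not the actual `CertDecoder::AddTag()` implementation. `NameBuffer`, `add_tag`, the 64-byte size and the sample inputs are hypothetical.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>

// Hypothetical stand-in for the fixed issuer_/subject_ buffers; size is assumed.
const std::size_t NAME_BUF_SIZE = 64;

struct NameBuffer {
    char data[NAME_BUF_SIZE];
    std::size_t used;  // bytes written so far, excluding the terminator
};

void name_init(NameBuffer& nb) { nb.used = 0; nb.data[0] = '\0'; }

// Append `tag` (e.g. "/CN=") followed by `value_len` bytes of untrusted input.
// `value_len` stands for a length field read from the certificate itself, so it
// is checked against the bytes really available and against the space left.
// Returns false and writes nothing if either check fails.
bool add_tag(NameBuffer& nb, const char* tag,
             const unsigned char* in, std::size_t in_avail, std::size_t value_len)
{
    const std::size_t tag_len = std::strlen(tag);
    if (value_len > in_avail) return false;  // length field overstates the input
    // Space left, keeping one byte for the terminator (used <= SIZE-1 always).
    const std::size_t room = NAME_BUF_SIZE - 1 - nb.used;
    // Subtract instead of adding so tag_len + value_len cannot wrap around.
    if (tag_len > room || value_len > room - tag_len) return false;
    std::memcpy(nb.data + nb.used, tag, tag_len);
    nb.used += tag_len;
    std::memcpy(nb.data + nb.used, in, value_len);
    nb.used += value_len;
    nb.data[nb.used] = '\0';
    return true;
}

int main() {
    // Constructed input: a short CN value, then an oversized attribute value.
    const unsigned char cn[] = "example.test";
    unsigned char big[200];
    std::memset(big, 'A', sizeof big);
    NameBuffer nb;
    name_init(nb);
    bool ok1 = add_tag(nb, "/CN=", cn, 12, 12);
    bool ok2 = add_tag(nb, "/O=", big, sizeof big, sizeof big);
    std::printf("%d %d %s\n", ok1, ok2, nb.data);
    return 0;
}
```

A caller should treat a `false` return as a parse error for the whole certificate rather than continuing with a truncated name.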