walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

nghttpx: Ensure that cert serial does not exceed 20 bytes

This commit is contained in:
Tatsuhiro Tsujikawa 2019-01-05 10:03:44 +09:00
parent dbb5f00d68
commit 11d0533cfc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/shrpx_tls.cc
View File

@ -2042,7 +2042,7 @@ StringRef get_x509_serial(BlockAllocator &balloc, X509 *x) {
auto sn = X509_get_serialNumber(x);
auto bn = BN_new();
auto bn_d = defer(BN_free, bn);
if (!ASN1_INTEGER_to_BN(sn, bn)) {
if (!ASN1_INTEGER_to_BN(sn, bn) || BN_num_bytes(bn) > 20) {
return StringRef{};
}