代码拉取完成,页面将自动刷新
From 68557991614b61629dce4a6ab4510087ff28022c Mon Sep 17 00:00:00 2001
From: Matt Caswell <[email protected]>
Date: Wed, 18 Aug 2021 14:02:40 +0100
Subject: [PATCH 3/9] Fix printing of PROXY_CERT_INFO_EXTENSION to not assume
NUL terminated strings
ASN.1 strings may not be NUL terminated. Don't assume they are.
CVE-2021-3712
Reviewed-by: Viktor Dukhovni <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
---
CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_pci.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_pci.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_pci.c
index 3d124fa..98b6ef2 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_pci.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509v3/v3_pci.c
@@ -77,7 +77,8 @@ static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *pci,
i2a_ASN1_OBJECT(out, pci->proxyPolicy->policyLanguage);
BIO_puts(out, "\n");
if (pci->proxyPolicy->policy && pci->proxyPolicy->policy->data)
- BIO_printf(out, "%*sPolicy Text: %s\n", indent, "",
+ BIO_printf(out, "%*sPolicy Text: %.*s\n", indent, "",
+ pci->proxyPolicy->policy->length,
pci->proxyPolicy->policy->data);
return 1;
}
--
2.33.0
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手