Fix for bug#50227: Pre-auth buffer-overflow in mySQL through yaSSL

Problem: copying issuer's (or subject's) name tags into an internal buffer from incoming stream we didn't check the buffer overflow. That may lead to memory overrun, crash etc. Fix: ensure we don't overrun the buffer. Note: there's no simple test case (exploit needed).
author: Ramil Kalimullin <ramil@mysql.com> 2010-01-13 09:20:45 +0400
committer: Ramil Kalimullin <ramil@mysql.com> 2010-01-13 09:20:45 +0400
commit: 5622b586d980ec9aa9fd1f3eb73e8c97135e1269 (patch)
tree: 1b839959b455c0b8c63f54e9de2ab6170a7f0817 /extra/yassl/taocrypt/include
parent: 94acd4804181d0cf7b0e6887e43528a56aa671fc (diff)
download: mariadb-git-5622b586d980ec9aa9fd1f3eb73e8c97135e1269.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/extra/yassl/taocrypt/include/asn.hpp b/extra/yassl/taocrypt/include/asn.hpp
index 1c1850cb47e..168b8a8c755 100644
--- a/extra/yassl/taocrypt/include/asn.hpp
+++ b/extra/yassl/taocrypt/include/asn.hpp
@@ -305,6 +305,7 @@ private:
     bool   ValidateSignature(SignerList*);
     bool   ConfirmSignature(Source&);
     void   GetKey();
+    char*  AddTag(char*, const char*, const char*, word32, word32);
     void   GetName(NameType);
     void   GetValidity();
     void   GetDate(DateType);
author	Ramil Kalimullin <ramil@mysql.com>	2010-01-13 09:20:45 +0400
committer	Ramil Kalimullin <ramil@mysql.com>	2010-01-13 09:20:45 +0400
commit	5622b586d980ec9aa9fd1f3eb73e8c97135e1269 (patch)
tree	1b839959b455c0b8c63f54e9de2ab6170a7f0817 /extra/yassl/taocrypt/include
parent	94acd4804181d0cf7b0e6887e43528a56aa671fc (diff)
download	mariadb-git-5622b586d980ec9aa9fd1f3eb73e8c97135e1269.tar.gz