diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2022-08-31 07:15:32 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2022-08-31 07:15:32 +0000 |
| commit | b2cc6331fd8b35430f5291c99e844cdba062a021 (patch) | |
| tree | 948770e5a2cb5ff3c68dd758f089c002a9e64550 /lib | |
| parent | 8c37130a0adf8a46a6f8a361bc4abccccc4491d0 (diff) | |
Switch loop bounds from size_t to int in check_hosts()
sk_num() can return a negative value, in which case the upper bound is
SIZE_MAX, which results in a very long for loop.
CID 153997
ok jsing
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/x509/x509_vfy.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index 18cf08a07c4..fb87877e72c 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.c,v 1.102 2022/06/27 14:10:22 tb Exp $ */ +/* $OpenBSD: x509_vfy.c,v 1.103 2022/08/31 07:15:31 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -186,7 +186,7 @@ check_id_error(X509_STORE_CTX *ctx, int errcode) static int check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id) { - size_t i, n; + int i, n; char *name; n = sk_OPENSSL_STRING_num(id->hosts); |