Zhi Guan
2026-06-17 16:55:36 +08:00
parent b0e5c4aa1b
commit cad645da20
6 changed files with 19 additions and 8 deletions


@@ -452,6 +452,9 @@ bad:
fprintf(stderr, "%s: generate OCSPResponse failure\n", prog);
goto end;
}
// FIXME: resplen = 0 resets buffer capacity before second ocsp_sign call.
// If ocsp_sign() uses *outlen as input buffer capacity, passing 0 may
// allow buffer overflow. Proposed fix: resplen = sizeof(resp);
resplen = 0;
if (ocsp_sign(&ocsp_ctx, cert_status, revocation_time, this_update,
signer_cert, signer_cert_len, &sign_key,
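Review bot: The FIXME added above `resplen = 0;` records a possible buffer overflow but leaves the assignment unchanged, so if the risk is real it still ships with this commit. Whether `resplen = sizeof(resp);` is the right fix depends on ocsp_sign()'s contract for `*outlen`, which is not visible here: if the function reads it as the buffer capacity the proposed line is correct, but if it only writes or accumulates the output length, starting from `sizeof(resp)` would report a wrong length and the bound on `resp` would have to be enforced somewhere else. I would check this against the ocsp_sign() declaration and then replace the FIXME with a one-line statement of the contract, for example `// ocsp_sign() <reads | only writes> *outlen; resp capacity is enforced by <placeholder>`. The ocsp_sign() call continues past the end of the hunk, so its remaining arguments could not be checked.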