[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5010) broken ber_encode_oid/ber_decode_oid()

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5010) broken ber_encode_oid/ber_decode_oid()
From: hyc@symas.com
Date: Tue, 19 Jun 2007 10:25:30 GMT

h.b.furuseth@usit.uio.no wrote:
> I wrote:
>> Finally, libldap/tls.c does not check if ber_decode_oid() fails.
> 
> Fixed that.  Waiting for the other stuff, depends on the code's intent.
> 
Go ahead and fix whatever problems you see. Assume that maliciously constructed 
cert DNs are present, because undoubtedly there will be.

-- 
   -- Howard Chu
   Chief Architect, Symas Corp.  http://www.symas.com
   Director, Highland Sun        http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP     http://www.openldap.org/project/

Prev by Date: Re: (ITS#5005) test017 fails
Next by Date: Re: (ITS#4943) tpool.c pause vs. finish
Index(es):
- Chronological
- Thread