[Date Prev][Date Next]
Re: (ITS#5010) broken ber_encode_oid/ber_decode_oid()
> I wrote:
>> Finally, libldap/tls.c does not check if ber_decode_oid() fails.
> Fixed that. Waiting for the other stuff, depends on the code's intent.
Go ahead and fix whatever problems you see. Assume that maliciously constructed
cert DNs are present, because undoubtedly there will be.
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/