- Better checking for reading over buffer boundaries - Zeroize altSubjectName chain memory before use

commit: 535e97dbab8cf34bb1e487f0f0f169a04eb9921f [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Thu Aug 23 10:49:55 2012 +0000
committer: Paul Bakker <p.j.bakker@polarssl.org> Thu Aug 23 10:49:55 2012 +0000
tree: a767214909c319523b5b722dc89f1394f32f7321
parent: 9195662a4c4c81ac864f7854207c2719c0ca6b84 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index e00643b..39c45af 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -45,6 +45,7 @@
    * Handle encryption with private key and decryption with public key as per
    	 RFC 2313
    * Handle empty certificate subject names
+   * Prevent reading over buffer boundaries on X509 certificate parsing
 
 Security
    * Fixed potential memory corruption on miscrafted client messages (found by
commit	535e97dbab8cf34bb1e487f0f0f169a04eb9921f	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Thu Aug 23 10:49:55 2012 +0000
committer	Paul Bakker <p.j.bakker@polarssl.org>	Thu Aug 23 10:49:55 2012 +0000
tree	a767214909c319523b5b722dc89f1394f32f7321
parent	9195662a4c4c81ac864f7854207c2719c0ca6b84 [diff] [blame]