Displaying 1 result from an estimated 1 matches for "buffer_put_bugnum2".
Did you mean:
buffer_put_bignum2
2004 Feb 21
0
overflow in buffer_put_bignum2
Hi
When buffer_put_bugnum2 is called with zero bignum, it touches unallocated
memory:
BN_num_bytes returns 0, one byte is allocated and
hasnohigh = (buf[1] & 0x80) ? 0 : 1;
touches array out of bounds.
Mikulas