[New-bugs-announce] [issue30502] Fix buffer handling of OBJ_obj2txt
report at bugs.python.org
Mon May 29 03:19:13 EDT 2017
New submission from Christian Heimes:
Frawser Tweedle from Red Hat's identity management team found an issue in PyCA cryptography's handling of buffers for OpenSSL OBJ_obj2txt(). Cryptography fails to handle long OIDs as used by Active Directory.
CPython's ssl module doesn't handle buffer allocation for OBJ_obj2txt() correctly, too. A default buffer size of 255+1 makes the bug less likely to occur, though. We should fix the problem anyway.
title: Fix buffer handling of OBJ_obj2txt
versions: Python 2.7, Python 3.5, Python 3.6, Python 3.7
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce