Skip to content

Bug fix release

Latest
Latest

Choose a tag to compare

View all tags
@jonasbn jonasbn released this 24 Jun 16:09
· 12 commits to master since this release
v1.97
6a9e94c
This commit was signed with the committer’s verified signature.
jonasbn Jonas Brømsø
GPG key ID: 76A2A4D5AE817EE9
Verified
Learn about vigilant mode.

Bug fix release, update recommended

  • Fix #63: get_hex() did not NUL-terminate its output; zero-length
    OCTET STRING or BIT STRING attributes left the buffer entirely uninitialised, causing undefined behaviour on any downstream
    strlen() or pointer access. Fixed by writing '\0' after the loop and increasing the Renew allocation from length*4 to
    length*4+1 at both call sites. Merged via PR #65.

  • Fix: CertBag.certValue encoding — certificate DER bytes are now correctly wrapped in an OCTET STRING as required by RFC 7292.

  • Test: add regression test t/pkcs12-info-zero-length-attributes.t covering zero-length OCTET STRING and BIT STRING bag attributes.

  • Build: add Convert::ASN1 as a develop dependency (used by the fixture generation script scripts/generate-zero-length-attr-fixture.pl).

Assets 2
Loading