New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix buffer handling of OBJ_obj2txt #74687
Comments
Frawser Tweedle from Red Hat's identity management team found an issue in PyCA cryptography's handling of buffers for OpenSSL OBJ_obj2txt(). Cryptography fails to handle long OIDs as used by Active Directory. pyca/cryptography#3612 CPython's ssl module doesn't handle buffer allocation for OBJ_obj2txt() correctly, too. A default buffer size of 255+1 makes the bug less likely to occur, though. We should fix the problem anyway. |
Can the common code of _create_tuple_for_attribute() and asn1obj2py() be shared? |
IMO it doesn't make sense to share a couple of lines of code. It makes the code even harder to read. |
Your PR LGTM. But I think the code can be much simpler. Here is a patch that shares common code and applies other simplifications to surrounded code. PR 1852 increases the total number of lines by 37 lines, bpo-30502-simpler.diff -- only by 3 lines. PR 1852: 1 file changed, 49 insertions(+), 12 deletions(-) |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: