Message 294679 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes
Date	2017-05-29.07:19:13
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1496042353.91.0.558550525758.issue30502@psf.upfronthosting.co.za>
In-reply-to

Content
Frawser Tweedle from Red Hat's identity management team found an issue in PyCA cryptography's handling of buffers for OpenSSL OBJ_obj2txt(). Cryptography fails to handle long OIDs as used by Active Directory. https://github.com/pyca/cryptography/pull/3612/ https://bugzilla.redhat.com/show_bug.cgi?id=1455755 CPython's ssl module doesn't handle buffer allocation for OBJ_obj2txt() correctly, too. A default buffer size of 255+1 makes the bug less likely to occur, though. We should fix the problem anyway.

Frawser Tweedle from Red Hat's identity management team found an issue in PyCA cryptography's handling of buffers for OpenSSL OBJ_obj2txt(). Cryptography fails to handle long OIDs as used by Active Directory.

https://github.com/pyca/cryptography/pull/3612/
https://bugzilla.redhat.com/show_bug.cgi?id=1455755

CPython's ssl module doesn't handle buffer allocation for OBJ_obj2txt() correctly, too. A default buffer size of 255+1 makes the bug less likely to occur, though. We should fix the problem anyway.

History
Date	User	Action	Args
2017-05-29 07:19:13	christian.heimes	set	recipients: + christian.heimes
2017-05-29 07:19:13	christian.heimes	set	messageid: <1496042353.91.0.558550525758.issue30502@psf.upfronthosting.co.za>
2017-05-29 07:19:13	christian.heimes	link	issue30502 messages
2017-05-29 07:19:13	christian.heimes	create