mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 00:30:51 +02:00
4cf33849b8
- wolfSSL_i2d_OCSP_REQUEST_bio: save/restore pointer before i2d call that advances it, preventing BIO_write from wrong offset and heap corruption on free - wolfSSL_d2i_OCSP_RESPONSE: remove (unsigned char) cast that truncated pointer advance to 8 bits, breaking responses larger than 255 bytes - wolfSSL_OCSP_CERTID_dup: deep-copy CertStatus to prevent double-free when both original and duplicate are freed - wolfSSL_i2d_OCSP_RESPONSE: add NULL check on response parameter - wolfSSL_i2d_OCSP_REQUEST: advance *data pointer per i2d convention - FreeOCSP: NULL-check ocsp->cm before dereferencing for heap - Fix WOLFSSL_LEAVE strings to match actual function names in wc_CheckCertOcspResponse, GetOcspEntry, GetOcspStatus, CheckOcspResponse, CheckOcspRequest Add test for CERTID dup (double-free confirmed under ASAN without fix) and pointer advancement assertions for d2i_OCSP_RESPONSE callers. Reported in: ZD21469
Before creating any new configure files (.conf) read the CONF_FILES_README.md