- Reported
-
- Issued
-
- Package
-
openssl
(crates.io)
- Type
-
Vulnerability
- References
-
- Patched
-
- Affected Functions
- Version
openssl::bio::MemBio::get_buf-
Description
Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.
Advisory available under CC0-1.0
license.