From c927101675e5f63fc0bdd93c5a4825adc54323b4 Mon Sep 17 00:00:00 2001 From: Jack Lloyd <jack@randombit.net> Date: Tue, 4 Apr 2017 16:18:27 -0400 Subject: [PATCH] Add fix for CVE-2017-2801 --- src/utils/parsing.cpp | 2 ++ 2 files changed, 12 insertions(+) diff --git a/src/utils/parsing.cpp b/src/utils/parsing.cpp index 9ec00040c..fc7e96328 100644 --- a/src/utils/parsing.cpp +++ b/src/utils/parsing.cpp @@ -230,6 +230,8 @@ bool x500_name_cmp(const std::string& name1, const std::string& name2) if(p1 == name1.end() && p2 == name2.end()) return true; + if(p1 == name1.end() || p2 == name2.end()) + return false; } if(!Charset::caseless_cmp(*p1, *p2))