Closed ohwgiles closed 6 years ago
The earlier length check did not check enough bytes. But rather than fixing the off-by-one, it makes more sense to do a single check at the start of the loop.
Resolves CVE-2017-9058
The earlier length check did not check enough bytes. But rather than fixing the off-by-one, it makes more sense to do a single check at the start of the loop.
Resolves CVE-2017-9058