LibreSSL -- Memory leak and buffer overflow
During the code review of OpenSMTPD a memory leak and buffer overflow
(an off-by-one, usually stack-based) were discovered in LibreSSL's
OBJ_obj2txt() function. This function is called automatically during
a TLS handshake (both client-side, unless an anonymous mode is used,
and server-side, if client authentication is requested).
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright