The add_cert_dir() function in openssl/crypto/x509/by_dir.c is broken.
There is a loop to detect duplicate entries but its results are ignored,
it will also go out of bounds on some malformed parameters.

See also

Patches against 0.9.8 and CVS attached.
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
__________________________________________________ ____________________
OpenSSL Project
Development Mailing List
Automated List Manager