src/oid.c | 2 2 + 0 - 0 !
tests/Makefile.am | 4 2 + 2 - 0 !
tests/Makefile.in | 5 2 + 3 - 0 !
tests/t-dnparser.c | 2 1 + 1 - 0 !
tests/t-oid.c | 97 94 + 3 - 0 !
5 files changed, 101 insertions(+), 9 deletions(-)

 cve-2014-9087: fix buffer overflow in ksba_oid_to_str
 The code has an obvious error by not considering invalid encoding for
 arc-2.  A first byte of 0x80 can be used to make a value of less then
 80 and we then subtract 80 from that value as required by the OID
 encoding rules.  Due to the unsigned integer this results in a pretty
 long value which won't fit anymore into the allocated buffer.
 .
 The fix is obvious.  Also added a few simple test cases.  Note that we
 keep on using sprintf instead of snprintf because managing the
 remaining length of the buffer would probably be more error prone than
 assuring that the buffer is large enough.  Getting rid of sprintf
 altogether by using direct conversion along with membuf_t like code
 might be possible.