Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
libtasn1.11138
libtasn1-CVE-2016-4008-2.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libtasn1-CVE-2016-4008-2.patch of Package libtasn1.11138
From a6e0a0b58f5cdaf4e9beca5bce69c09808cbb625 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos <nmav@redhat.com> Date: Wed, 6 Apr 2016 13:02:19 +0200 Subject: [PATCH 1/1] _asn1_extract_der_octet: properly account the bytes read through indefinite encodings This prevents infinite recursions in the function loop. Reported by Pascal Cuoq. --- lib/decoding.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) Index: libtasn1-3.7/lib/decoding.c =================================================================== --- libtasn1-3.7.orig/lib/decoding.c +++ libtasn1-3.7/lib/decoding.c @@ -665,7 +665,7 @@ _asn1_delete_not_used (asn1_node node) static int _asn1_extract_der_octet (asn1_node node, const unsigned char *der, - int der_len) + int der_len, int *bytes) { int len2, len3; int counter, counter_end; @@ -708,15 +708,19 @@ _asn1_extract_der_octet (asn1_node node, DECR_LEN(der_len, len3); result = _asn1_extract_der_octet (node, der + counter + len3, - der_len); + der_len, &len2); if (result != ASN1_SUCCESS) return result; - len2 = 0; + + DECR_LEN(der_len, len2); } counter += len2 + len3 + 1; } + if (bytes) + *bytes = counter; + return ASN1_SUCCESS; cleanup: @@ -785,7 +789,7 @@ _asn1_get_octet_string (asn1_node node, asn1_length_der (tot_len, temp, &len2); _asn1_set_value (node, temp, len2); - ret = _asn1_extract_der_octet (node, der, der_len); + ret = _asn1_extract_der_octet (node, der, der_len, NULL); if (ret != ASN1_SUCCESS) return ret;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor