Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
perl-Convert-ASN1.17746
perl-Convert-ASN1-CVE-2013-7488.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File perl-Convert-ASN1-CVE-2013-7488.patch of Package perl-Convert-ASN1.17746
From ce148a2e0872b708450005cf0b3a944014aae990 Mon Sep 17 00:00:00 2001 From: Dana Jacobsen <dana@acm.org> Date: Tue, 29 Oct 2013 08:37:48 -0700 Subject: [PATCH 1/2] Fix unsafe decoding in indef case --- lib/Convert/ASN1/_decode.pm | 1 + 1 file changed, 1 insertion(+) Index: Convert-ASN1-0.27/lib/Convert/ASN1/_decode.pm =================================================================== --- Convert-ASN1-0.27.orig/lib/Convert/ASN1/_decode.pm +++ Convert-ASN1-0.27/lib/Convert/ASN1/_decode.pm @@ -683,14 +683,16 @@ sub _scan_indef { $pos += 2; next; } + return if $pos >= $end; my $tag = substr($_[0], $pos++, 1); if((unpack("C",$tag) & 0x1f) == 0x1f) { my $b; do { - $tag .= substr($_[0],$pos++,1); - $b = ord substr($tag,-1); + return if $pos >= $end; + $tag .= substr($_[0],$pos++,1); + $b = ord substr($tag,-1); } while($b & 0x80); } return if $pos >= $end;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
