[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v12 05/20] libtasn1: fix the potential buffer overrun
From: |
Gary Lin |
Subject: |
[PATCH v12 05/20] libtasn1: fix the potential buffer overrun |
Date: |
Fri, 19 Apr 2024 16:30:49 +0800 |
In _asn1_tag_der(), the first while loop for the long form may end up
with a 'k' value with 'ASN1_MAX_TAG_SIZE' and cause the buffer overrun
in the second while loop. This commit tweaks the conditional check to
avoid producing a too large 'k'.
This is a quick fix and may differ from the official upstream fix.
libtasn1 issue: https://gitlab.com/gnutls/libtasn1/-/issues/49
Signed-off-by: Gary Lin <glin@suse.com>
---
grub-core/lib/libtasn1/lib/coding.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/grub-core/lib/libtasn1/lib/coding.c
b/grub-core/lib/libtasn1/lib/coding.c
index 5d03bca9d..0458829a5 100644
--- a/grub-core/lib/libtasn1/lib/coding.c
+++ b/grub-core/lib/libtasn1/lib/coding.c
@@ -143,7 +143,7 @@ _asn1_tag_der (unsigned char class, unsigned int tag_value,
temp[k++] = tag_value & 0x7F;
tag_value >>= 7;
- if (k > ASN1_MAX_TAG_SIZE - 1)
+ if (k >= ASN1_MAX_TAG_SIZE - 1)
break; /* will not encode larger tags */
}
*ans_len = k + 1;
--
2.35.3
- [PATCH v12 00/20] Automatic Disk Unlock with TPM2, Gary Lin, 2024/04/19
- [PATCH v12 01/20] posix_wrap: tweaks in preparation for libtasn1, Gary Lin, 2024/04/19
- [PATCH v12 03/20] libtasn1: disable code not needed in grub, Gary Lin, 2024/04/19
- [PATCH v12 02/20] libtasn1: import libtasn1-4.19.0, Gary Lin, 2024/04/19
- [PATCH v12 04/20] libtasn1: changes for grub compatibility, Gary Lin, 2024/04/19
- [PATCH v12 05/20] libtasn1: fix the potential buffer overrun,
Gary Lin <=
- [PATCH v12 09/20] key_protector: Add key protectors framework, Gary Lin, 2024/04/19
- [PATCH v12 06/20] libtasn1: compile into asn1 module, Gary Lin, 2024/04/19
- [PATCH v12 10/20] tpm2: Add TPM Software Stack (TSS), Gary Lin, 2024/04/19
- [PATCH v12 18/20] diskfilter: look up cryptodisk devices first, Gary Lin, 2024/04/19
- [PATCH v12 20/20] tests: Add tpm2_test, Gary Lin, 2024/04/19
- [PATCH v12 11/20] key_protector: Add TPM2 Key Protector, Gary Lin, 2024/04/19