[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU libtasn1 branch, master, updated. libtasn1_4_3-4-gb0e07ae
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU libtasn1 branch, master, updated. libtasn1_4_3-4-gb0e07ae |
|
Date: |
Thu, 26 Mar 2015 17:45:05 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU libtasn1".
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=b0e07aeca66e6d5bd26864ffaa7589513a9c48e1
The branch, master has been updated
via b0e07aeca66e6d5bd26864ffaa7589513a9c48e1 (commit)
via d2cbb23662302a2795c3a7ca6183e51e9178e2b2 (commit)
via 4d4f992826a4962790ecd0cce6fbba4a415ce149 (commit)
from 77068c35a32cc31ba6b3af257921ca90696c7945 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b0e07aeca66e6d5bd26864ffaa7589513a9c48e1
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Mar 26 18:44:20 2015 +0100
doc update
commit d2cbb23662302a2795c3a7ca6183e51e9178e2b2
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Mar 26 18:39:04 2015 +0100
doc update
commit 4d4f992826a4962790ecd0cce6fbba4a415ce149
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Mar 26 18:34:57 2015 +0100
increased size of LTOSTR_MAX_SIZE to account for sign and null byte
This address an overflow found by Hanno Böck in DER decoding.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 4 ++++
lib/parser_aux.c | 4 ++--
lib/parser_aux.h | 5 +++--
3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/NEWS b/NEWS
index a90a4f1..9d3333f 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,9 @@
GNU Libtasn1 NEWS -*- outline -*-
+* Noteworthy changes in release 4.4 (unreleased) [stable]
+- Corrected a two-byte stack overflow in asn1_der_decoding. Reported
+ by Hanno Böck.
+
* Noteworthy changes in release 4.3 (released 2015-03-09) [stable]
- Added asn1_decode_simple_ber()
diff --git a/lib/parser_aux.c b/lib/parser_aux.c
index d3e9009..da9a388 100644
--- a/lib/parser_aux.c
+++ b/lib/parser_aux.c
@@ -543,7 +543,7 @@ _asn1_delete_list_and_nodes (void)
char *
-_asn1_ltostr (long v, char *str)
+_asn1_ltostr (long v, char str[LTOSTR_MAX_SIZE])
{
long d, r;
char temp[LTOSTR_MAX_SIZE];
@@ -567,7 +567,7 @@ _asn1_ltostr (long v, char *str)
count++;
v = d;
}
- while (v);
+ while (v && ((start+count) < LTOSTR_MAX_SIZE-1));
for (k = 0; k < count; k++)
str[k + start] = temp[start + count - k - 1];
diff --git a/lib/parser_aux.h b/lib/parser_aux.h
index 55d9061..437f1c8 100644
--- a/lib/parser_aux.h
+++ b/lib/parser_aux.h
@@ -52,8 +52,9 @@ void _asn1_delete_list (void);
void _asn1_delete_list_and_nodes (void);
-#define LTOSTR_MAX_SIZE 20
-char *_asn1_ltostr (long v, char *str);
+/* Max 64-bit integer length is 20 chars + 1 for sign + 1 for null termination
*/
+#define LTOSTR_MAX_SIZE 22
+char *_asn1_ltostr (long v, char str[LTOSTR_MAX_SIZE]);
asn1_node _asn1_find_up (asn1_node node);
hooks/post-receive
--
GNU libtasn1
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU libtasn1 branch, master, updated. libtasn1_4_3-4-gb0e07ae,
Nikos Mavrogiannopoulos <=