Fix CVE-2017-6891 in minitasn1 code 21/134421/1 accepted/tizen_4.0_unified accepted/tizen_5.0_unified accepted/tizen_unified tizen tizen_4.0 tizen_4.0_tv tizen_5.0 accepted/tizen/4.0/unified/20170816.013930 accepted/tizen/4.0/unified/20170828.222555 accepted/tizen/5.0/unified/20181102.024719 accepted/tizen/unified/20170620.174003 submit/tizen/20170616.142532 submit/tizen_4.0/20170811.094300 submit/tizen_4.0/20170828.100005 submit/tizen_5.0/20181101.000006 tizen_4.0.IoT.p1_release tizen_4.0.IoT.p2_release tizen_4.0.m2_release
authorRafal Krypa <r.krypa@samsung.com>
Fri, 16 Jun 2017 09:15:19 +0000 (11:15 +0200)
committerRafal Krypa <r.krypa@samsung.com>
Fri, 16 Jun 2017 09:19:29 +0000 (11:19 +0200)
Based on upstream libtasn1 fix:
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=5520704d075802df25ce4ffccc010ba1641bd484

Change-Id: I2c7742b627f9467f68643682e9287cf852a5b2a3
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
lib/minitasn1/parser_aux.c

index 2285b20..3d9094c 100644 (file)
@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name)
       if (n_end)
        {
          nsize = n_end - n_start;
+         if (nsize >= sizeof(n))
+               return NULL;
+
          memcpy (n, n_start, nsize);
          n[nsize] = 0;
          n_start = n_end;
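Review bot: The new guard `if (nsize >= sizeof(n))` ahead of `memcpy (n, n_start, nsize)` has no comment explaining why an over-long name component is rejected, and its `return NULL` looks the same to callers as an ordinary lookup miss. I would add `/* component plus its terminating NUL must fit in n[]; reject it rather than overflow the buffer */` above the check. The identical three lines are repeated in the second hunk (`@@ -158,6 +161,9`), so the comment applies there as well, or both copies could move into one small static helper. The bound only holds if `n` is a real array in this scope rather than a pointer. The declarations of `n` and `nsize`, the branch taken when `n_end` is NULL, and the start and end of asn1_find_node all lie outside these hunks, so they should be confirmed against the full file.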
@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name)
       if (n_end)
        {
          nsize = n_end - n_start;
+         if (nsize >= sizeof(n))
+               return NULL;
+
          memcpy (n, n_start, nsize);
          n[nsize] = 0;
          n_start = n_end;