0d2f7675a2
Since Buildroot commit [1] the patches that fixes a security vulnerability needs to reference the fixed vulnerability. This patch adds the relevant information to the patch header. [1] 1167d0ff3d docs/manual: mention CVE trailer Signed-off-by: Thomas Perale <thomas.perale@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 9265e6973593240104c8f9e2a675c01c6c8e37a3) Signed-off-by: Thomas Perale <thomas.perale@mind.be>
31 lines
1.1 KiB
Diff
31 lines
1.1 KiB
Diff
From 25c26a3b7a9ad8192ccc923e15cf62bf0108ef94 Mon Sep 17 00:00:00 2001
|
|
From: werew <werew@ret2libc.com>
|
|
Date: Thu, 3 Oct 2019 19:57:10 +0200
|
|
Subject: [PATCH] Fixes #507
|
|
|
|
Fix a vulnerability in der_decode_utf8_string as specified here:
|
|
https://github.com/libtom/libtomcrypt/issues/507
|
|
|
|
CVE: CVE-2019-17362
|
|
[for import into Buildroot]
|
|
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
|
|
|
|
|
|
---
|
|
src/pk/asn1/der/utf8/der_decode_utf8_string.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/pk/asn1/der/utf8/der_decode_utf8_string.c b/src/pk/asn1/der/utf8/der_decode_utf8_string.c
|
|
index 94555b99f..d3ed82bea 100644
|
|
--- a/src/pk/asn1/der/utf8/der_decode_utf8_string.c
|
|
+++ b/src/pk/asn1/der/utf8/der_decode_utf8_string.c
|
|
@@ -65,7 +65,7 @@ int der_decode_utf8_string(const unsigned char *in, unsigned long inlen,
|
|
/* count number of bytes */
|
|
for (z = 0; (tmp & 0x80) && (z <= 4); z++, tmp = (tmp << 1) & 0xFF);
|
|
|
|
- if (z > 4 || (x + (z - 1) > inlen)) {
|
|
+ if (z == 1 || z > 4 || (x + (z - 1) > inlen)) {
|
|
return CRYPT_INVALID_PACKET;
|
|
}
|
|
|