diff options
| author | Dariusz Michaluk <d.michaluk@samsung.com> | 2017-10-05 08:16:46 +0000 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@review.ap-northeast-2.compute.internal> | 2017-10-05 08:16:46 +0000 |
| commit | d5c651a6c46c10e7c566b1c76befa3335911c049 (patch) | |
| tree | 93ea034905128ff8c5ee34104b2309ce511a274f | |
| parent | 74fcecb6aaac0e5c2499f3a832ac09e68d6a1c09 (diff) | |
| parent | 11c669eab70ae202f44bbadd062a5ee7cba55a39 (diff) | |
| download | libtasn1-d5c651a6c46c10e7c566b1c76befa3335911c049.tar.gz libtasn1-d5c651a6c46c10e7c566b1c76befa3335911c049.tar.bz2 libtasn1-d5c651a6c46c10e7c566b1c76befa3335911c049.zip | |
Merge "Fix CVE-2017-10790 vulnerability" into tizen_4.0tizen_4.0.m2_releasetizen_4.0.IoT.p2_releasetizen_4.0.IoT.p1_releasesubmit/tizen_4.0/20171005.115650accepted/tizen/4.0/unified/20171011.150523tizen_4.0_tv
| -rw-r--r-- | lib/parser_aux.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/lib/parser_aux.c b/lib/parser_aux.c index 16379af..723d48b 100644 --- a/lib/parser_aux.c +++ b/lib/parser_aux.c @@ -951,7 +951,7 @@ _asn1_check_identifier (asn1_node node) if (p2 == NULL) { if (p->value) - _asn1_strcpy (_asn1_identifierMissing, p->value); + _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value); else _asn1_strcpy (_asn1_identifierMissing, "(null)"); return ASN1_IDENTIFIER_NOT_FOUND; @@ -964,9 +964,14 @@ _asn1_check_identifier (asn1_node node) if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT)) { _asn1_str_cpy (name2, sizeof (name2), node->name); - _asn1_str_cat (name2, sizeof (name2), "."); - _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); - _asn1_strcpy (_asn1_identifierMissing, p2->value); + if (p2->value) + { + _asn1_str_cat (name2, sizeof (name2), "."); + _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); + _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); + } + else + _asn1_strcpy (_asn1_identifierMissing, "(null)"); p2 = asn1_find_node (node, name2); if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) || !(p2->type & CONST_ASSIGN)) @@ -986,7 +991,7 @@ _asn1_check_identifier (asn1_node node) _asn1_str_cpy (name2, sizeof (name2), node->name); _asn1_str_cat (name2, sizeof (name2), "."); _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); - _asn1_strcpy (_asn1_identifierMissing, p2->value); + _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); p2 = asn1_find_node (node, name2); if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) || !(p2->type & CONST_ASSIGN)) |