platform/upstream/libtasn1 - Domain: Security / Utilities;

diff options

author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-05-18 18:03:34 +0200
committer	Rafal Krypa <r.krypa@samsung.com>	2017-06-16 11:13:16 +0200
commit	f81309a9a722c484b97ce32042f428d54c6d035b (patch)
tree	c3070edbea59aa65ce86ffe4fd695131a278f068 /packaging
parent	e5c912938e2958fbeb7ee01183f0bc4e33143ead (diff)
download	libtasn1-f81309a9a722c484b97ce32042f428d54c6d035b.tar.gz libtasn1-f81309a9a722c484b97ce32042f428d54c6d035b.tar.bz2 libtasn1-f81309a9a722c484b97ce32042f428d54c6d035b.zip

BACKPORT: asn1_find_node: added safety check on asn1_find_node()submit/tizen_4.0/20170828.100006 submit/tizen_4.0/20170811.094300 submit/tizen/20170616.143116 accepted/tizen/unified/20170620.174035 accepted/tizen/4.0/unified/20170828.222817 accepted/tizen/4.0/unified/20170816.011243

This prevents a stack overflow in asn1_find_node() which is triggered by too long variable names in the definitions files. That means that applications have to deliberately pass a too long 'name' constant to asn1_write_value() and friends. Reported by Jakub Jirasek. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> Signed-off-by: Rafal Krypa <r.krypa@samsung.com> (cherry-picked from upstream 5520704d075802df25ce4ffccc010ba1641bd484) Change-Id: I893834c68ede90cd5953289a2c207c79e2971b51

Diffstat (limited to 'packaging')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: