[Pkg-gnutls-commits] r1616 - in /packages/libtasn1-6/trunk/debian: changelog patches/20_overflow-in-parser.diff patches/series

ametzler at users.alioth.debian.org ametzler at users.alioth.debian.org
Sun Nov 25 18:08:22 UTC 2012 

Author: ametzler
Date: Sun Nov 25 18:08:22 2012
New Revision: 1616

URL: http://svn.debian.org/wsvn/pkg-gnutls/?sc=1&rev=1616
Log:
20_overflow-in-parser.diff from upstream git fixes a possible buffer
overflow. (Caught by testsuite on hardened build.)

Added:
    packages/libtasn1-6/trunk/debian/patches/20_overflow-in-parser.diff
    packages/libtasn1-6/trunk/debian/patches/series
Modified:
    packages/libtasn1-6/trunk/debian/changelog

Modified: packages/libtasn1-6/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/libtasn1-6/trunk/debian/changelog?rev=1616&op=diff
==============================================================================
--- packages/libtasn1-6/trunk/debian/changelog (original)
+++ packages/libtasn1-6/trunk/debian/changelog Sun Nov 25 18:08:22 2012
@@ -2,6 +2,8 @@
 
   * New upstream version.
   * New symbols added, bump shlibs.
+  * 20_overflow-in-parser.diff from upstream git fixes a possible buffer
+    overflow. (Caught by testsuite on hardened build.)
 
  -- Andreas Metzler <ametzler at debian.org>  Thu, 01 Nov 2012 15:58:33 +0100
 

Added: packages/libtasn1-6/trunk/debian/patches/20_overflow-in-parser.diff
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/libtasn1-6/trunk/debian/patches/20_overflow-in-parser.diff?rev=1616&op=file
==============================================================================
--- packages/libtasn1-6/trunk/debian/patches/20_overflow-in-parser.diff (added)
+++ packages/libtasn1-6/trunk/debian/patches/20_overflow-in-parser.diff Sun Nov 25 18:08:22 2012
@@ -1,0 +1,75 @@
+From aa6e97f68d6c8d06f531d9b6bb462dc1c0720f77 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav at gnutls.org>
+Date: Sun, 25 Nov 2012 14:16:24 +0100
+Subject: [PATCH] corrected possible buffer overflow in parser errors.
+
+---
+ lib/ASN1.c |    6 +++---
+ lib/ASN1.y |    6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/lib/ASN1.c b/lib/ASN1.c
+index 2a60527..df6fb64 100644
+--- a/lib/ASN1.c
++++ b/lib/ASN1.c
+@@ -119,7 +119,7 @@ static unsigned int line_number;	/* line number describing the
+ 					   parser position inside the
+ 					   file */
+ static char last_error[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = "";
+-static char last_error_token[ASN1_MAX_NAME_SIZE+1] = ""; /* used when expected errors occur */
++static char last_error_token[ASN1_MAX_ERROR_DESCRIPTION_SIZE+1] = ""; /* used when expected errors occur */
+ static char last_token[ASN1_MAX_NAME_SIZE+1] = ""; /* last token find in the file
+ 					   to parse before the 'parse
+ 					   error' */
+@@ -3283,7 +3283,7 @@ _asn1_yyerror (const char *s)
+       strcmp (last_token, "TeletexString") == 0 ||
+       strcmp (last_token, "BMPString") == 0)
+     {
+-      snprintf (last_error_token, ASN1_MAX_ERROR_DESCRIPTION_SIZE,
++      snprintf (last_error_token, sizeof(last_error_token),
+                 "%s", last_token);
+       fprintf(stderr, 
+                "%s:%u: Warning: %s is a built-in ASN.1 type.\n",
+@@ -3294,7 +3294,7 @@ _asn1_yyerror (const char *s)
+ 
+   if (result_parse != ASN1_NAME_TOO_LONG)
+     {
+-      snprintf (last_error, ASN1_MAX_ERROR_DESCRIPTION_SIZE,
++      snprintf (last_error, sizeof(last_error),
+                 "%s:%u: Error: %s near '%s'", file_name,
+                 line_number, s, last_token);
+       result_parse = ASN1_SYNTAX_ERROR;
+diff --git a/lib/ASN1.y b/lib/ASN1.y
+index 874eb13..e0add54 100644
+--- a/lib/ASN1.y
++++ b/lib/ASN1.y
+@@ -42,7 +42,7 @@ static unsigned int line_number;	/* line number describing the
+ 					   parser position inside the
+ 					   file */
+ static char last_error[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = "";
+-static char last_error_token[ASN1_MAX_NAME_SIZE+1] = ""; /* used when expected errors occur */
++static char last_error_token[ASN1_MAX_ERROR_DESCRIPTION_SIZE+1] = ""; /* used when expected errors occur */
+ static char last_token[ASN1_MAX_NAME_SIZE+1] = ""; /* last token find in the file
+ 					   to parse before the 'parse
+ 					   error' */
+@@ -869,7 +869,7 @@ _asn1_yyerror (const char *s)
+       strcmp (last_token, "TeletexString") == 0 ||
+       strcmp (last_token, "BMPString") == 0)
+     {
+-      snprintf (last_error_token, ASN1_MAX_ERROR_DESCRIPTION_SIZE,
++      snprintf (last_error_token, sizeof(last_error_token),
+                 "%s", last_token);
+       fprintf(stderr, 
+                "%s:%u: Warning: %s is a built-in ASN.1 type.\n",
+@@ -880,7 +880,7 @@ _asn1_yyerror (const char *s)
+ 
+   if (result_parse != ASN1_NAME_TOO_LONG)
+     {
+-      snprintf (last_error, ASN1_MAX_ERROR_DESCRIPTION_SIZE,
++      snprintf (last_error, sizeof(last_error),
+                 "%s:%u: Error: %s near '%s'", file_name,
+                 line_number, s, last_token);
+       result_parse = ASN1_SYNTAX_ERROR;
+-- 
+1.7.10.4
+

Added: packages/libtasn1-6/trunk/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/libtasn1-6/trunk/debian/patches/series?rev=1616&op=file
==============================================================================
--- packages/libtasn1-6/trunk/debian/patches/series (added)
+++ packages/libtasn1-6/trunk/debian/patches/series Sun Nov 25 18:08:22 2012
@@ -1,0 +1,1 @@
+20_overflow-in-parser.diff

More information about the Pkg-gnutls-commits mailing list