[pkg-opensc-commit] [opensc] 270/295: prevent integer overflow
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:39 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit 888215ca7c3d051cabbbf6658a05428404a847be
Author: Frank Morgner <frankmorgner at gmail.com>
Date: Tue Jun 6 00:45:18 2017 +0200
prevent integer overflow
---
src/libopensc/pkcs15-pubkey.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libopensc/pkcs15-pubkey.c b/src/libopensc/pkcs15-pubkey.c
index 4035321..5e6bfb9 100644
--- a/src/libopensc/pkcs15-pubkey.c
+++ b/src/libopensc/pkcs15-pubkey.c
@@ -1270,7 +1270,7 @@ sc_pkcs15_read_der_file(sc_context_t *ctx, char * filename,
}
offs = body - tagbuf;
- if (offs > len || offs < 2) {
+ if (offs > len || offs < 2 || offs > offs + bodylen) {
r = SC_ERROR_INVALID_ASN1_OBJECT;
goto out;
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git
More information about the pkg-opensc-commit
mailing list