
Feb 16 2018

jfe closed T3770: heap buffer overflow in iobuf.c as Resolved.
Feb 16 2018, 7:33 PM · g10, Bug Report
jfe added a comment to T3770: heap buffer overflow in iobuf.c.

This handles the problem, thanks.

Feb 16 2018, 7:32 PM · g10, Bug Report

Feb 15 2018

jfe added a comment to T3770: heap buffer overflow in iobuf.c.

Yes, that is correct.

Feb 15 2018, 10:34 AM · g10, Bug Report

Feb 14 2018

jfe added a comment to T3770: heap buffer overflow in iobuf.c.

That's weird, I can reproduce it with a fresh pull from dev.gnupg.org (I can't clone it because it keeps giving me an error like "no rule to make target audit-events.h") by configuring with CFLAGS set to -fsanitize=address -ldl and LDFLAGS set to -lasan. I added the -ldl because of a linking error with symbol dlsym (only when -fsanitize=address is present). It more specifically complains about a READ access of size 1 and heap-buffer-overflow on address 0xb30037b0. It also mentions that this address is a wild pointer. The call tree looks as follows:
iobuf_temp_with_content
keybox_get_keyblock
keydb_get_keyblock
do_export_stream
do_export
export_pubkeys
main

Feb 14 2018, 9:44 PM · g10, Bug Report

Feb 6 2018

jfe added a comment to T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c.

Great, thanks for the quick response!

Feb 6 2018, 6:25 PM · g10, Bug Report
jfe updated the task description for T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c.
Feb 6 2018, 1:12 PM · g10, Bug Report
jfe created T3780: Integer overflow causes heap overflow in parse_symkeyenc() in file g10/parse-packet.c.
Feb 6 2018, 1:10 PM · g10, Bug Report

Feb 2 2018

jfe created T3770: heap buffer overflow in iobuf.c.
Feb 2 2018, 4:28 PM · g10, Bug Report