Fix an integer overflow in the CRL signature parser.
f61a5ea4e0f6
Actions

Description

Fix an integer overflow in the CRL signature parser.

* src/crl.c (parse_signature): N+N2 now checked for overflow.
* src/ocsp.c (parse_response_extensions): Do not accept too large
values.
(parse_single_extensions): Ditto.

The second patch is an extra safegourd not related to the reported
bug.

GnuPG-bug-id: T6284
Reported-by: Joseph Surin, elttam

Details

Provenance

• werner

Authored on Nov 22 2022, 4:36 PM

Parents

rKff8c0e857c2f: doc: Update description about pkg-config.

Branches

Unknown

Tags

Unknown

Tasks

T6284: Another integer overflow in Libksba

Event Timeline

• werner committed rKf61a5ea4e0f6: Fix an integer overflow in the CRL signature parser. (authored by • werner).Nov 23 2022, 10:44 AM

• werner added a task: T6284: Another integer overflow in Libksba.Dec 20 2022, 7:25 PM

Changes (2)

Path

Size

src/

crl.c

ocsp.c

rKf61a5ea4e0f6

View Options

src/crl.c