Home GnuPG
Diffusion GpgOL 9f1f29c22706

Protect against theoretical integer overflow in TLV parser.

Description

Protect against theoretical integer overflow in TLV parser.

* src/parsetlv.c (parse_tlv): Detect integer overflow

Although there is no case where callers use the (nhdr + length), it is
better to protect against such a use case already here.

Details

Provenance
wernerAuthored on Wed, Nov 2, 8:48 AM
Parents
rO74e04a416f2a: w64: Support static linkage with lib64 libdir
Branches
Unknown
Tags
Unknown