diff options
Diffstat (limited to 'meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch')
-rw-r--r-- | meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch new file mode 100644 index 000000000..12c1f0b4a --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch | |||
@@ -0,0 +1,34 @@ | |||
1 | From 6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Jakub Jelen <jjelen@redhat.com> | ||
3 | Date: Wed, 23 Oct 2019 09:22:44 +0200 | ||
4 | Subject: [PATCH] pkcs15-prkey: Simplify cleaning memory after failure | ||
5 | |||
6 | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18478 | ||
7 | |||
8 | Upstream-Status: Accepted | ||
9 | CVE: CVE-2019-19480 | ||
10 | |||
11 | Reference to upstream patch: | ||
12 | https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 | ||
13 | --- | ||
14 | src/libopensc/pkcs15-prkey.c | 4 ++++ | ||
15 | 1 file changed, 4 insertions(+) | ||
16 | |||
17 | diff --git a/src/libopensc/pkcs15-prkey.c b/src/libopensc/pkcs15-prkey.c | ||
18 | index d3eee983..4b249582 100644 | ||
19 | --- a/src/libopensc/pkcs15-prkey.c | ||
20 | +++ b/src/libopensc/pkcs15-prkey.c | ||
21 | @@ -258,6 +258,10 @@ int sc_pkcs15_decode_prkdf_entry(struct sc_pkcs15_card *p15card, | ||
22 | memset(gostr3410_params, 0, sizeof(gostr3410_params)); | ||
23 | |||
24 | r = sc_asn1_decode_choice(ctx, asn1_prkey, *buf, *buflen, buf, buflen); | ||
25 | + if (r < 0) { | ||
26 | + /* This might have allocated something. If so, clear it now */ | ||
27 | + free(info.subject.value); | ||
28 | + } | ||
29 | if (r == SC_ERROR_ASN1_END_OF_CONTENTS) | ||
30 | return r; | ||
31 | LOG_TEST_RET(ctx, r, "PrKey DF ASN.1 decoding failed"); | ||
32 | -- | ||
33 | 2.17.1 | ||
34 | |||