Diffstat (limited to 'meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch')
-rw-r--r-- | meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch | 45 |
1 files changed, 45 insertions, 0 deletions
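--- /dev/null
+++ b/meta/recipes-support/gnutls/libtasn1/CVE-2021-46848.patch
@@ -0,0 +1,45 @@
+From 22fd12b290adea788122044cb58dc9e77754644f Mon Sep 17 00:00:00 2001
+From: Vivek Kumbhar <vkumbhar@mvista.com>
+Date: Thu, 17 Nov 2022 12:07:50 +0530
+Subject: [PATCH] CVE-2021-46848
+
+Upstream-Status: Backport [https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5]
+CVE: CVE-2021-46848
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+
+Fix ETYPE_OK off by one array size check.
+---
+NEWS | 4 ++++
+lib/int.h | 2 +-
+2 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/NEWS b/NEWS
+index f042481..d8f684e 100644
+--- a/NEWS
++++ b/NEWS
+@@ -1,5 +1,9 @@
+GNU Libtasn1 NEWS -*- outline -*-
+
++* Noteworthy changes in release ?.? (????-??-??) [?]
++- Fix ETYPE_OK out of bounds read. Closes: #32.
++- Update gnulib files and various maintenance fixes.
++
+* Noteworthy changes in release 4.16.0 (released 2020-02-01) [stable]
+- asn1_decode_simple_ber: added support for constructed definite
+octet strings. This allows this function decode the whole set of
+diff --git a/lib/int.h b/lib/int.h
+index ea16257..c877282 100644
+--- a/lib/int.h
++++ b/lib/int.h
+@@ -97,7 +97,7 @@ typedef struct tag_and_class_st
+#define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
+#define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
+#define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
+- (etype) <= _asn1_tags_size && \
++ (etype) < _asn1_tags_size && \
+_asn1_tags[(etype)].desc != NULL)?1:0)
+
+#define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \
+--
+2.25.1
+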
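Review bot: The NEWS hunk (patch lines 16-29) should be dropped from this backport: its entry `- Update gnulib files and various maintenance fixes.` describes work the patch does not contain (the inner diffstat lists only NEWS and lib/int.h), it sits under a placeholder release header, and NEWS context is a likely place for the patch to stop applying on a later version bump. The security-relevant change is the single line in lib/int.h, and the patch description would be clearer if it said so, e.g. `ETYPE_OK accepted etype == _asn1_tags_size and then read _asn1_tags[etype].desc one element past the table.` In that hunk `ETYPE_TAG` and `ETYPE_CLASS` (patch lines 35-36) index `_asn1_tags[etype]` with no check of their own, so `ETYPE_OK` is the only bounds guard visible here; a comment above it such as `/* valid indexes are 0 .. _asn1_tags_size-1; ETYPE_TAG/ETYPE_CLASS are unchecked, call ETYPE_OK first */` would record that, presumably best proposed upstream so the backport stays identical to the referenced commit. The macro also expands `etype` three times, so the argument must be free of side effects.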