Package: libtasn1-6 / 4.10-1.1+deb9u1

Metadata

Package Version Patches format
libtasn1-6 4.10-1.1+deb9u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 asn1_find_node added safety check on asn1_find_node.patch | (download)

lib/parser_aux.c | 6 6 + 0 - 0 !
1 file changed, 6 insertions(+)

 [patch] asn1_find_node: added safety check on asn1_find_node()

This prevents a stack overflow in asn1_find_node() which
is triggered by too long variable names in the definitions
files. That means that applications have to deliberately
pass a too long 'name' constant to asn1_write_value()
and friends.  Reported by Jakub Jirasek.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

0001 _asn1_check_identifier safer access to values read.patch | (download)

lib/parser_aux.c | 17 12 + 5 - 0 !
1 file changed, 12 insertions(+), 5 deletions(-)

 _asn1_check_identifier: safer access to values read
0001 _asn1_decode_simple_ber restrict the levels of recur.patch | (download)

lib/decoding.c | 21 19 + 2 - 0 !
1 file changed, 19 insertions(+), 2 deletions(-)

 _asn1_decode_simple_ber: restrict the levels of recursion to 3