[PATCH v13 05/20] libtasn1: fix the potential buffer overrun

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v13 05/20] libtasn1: fix the potential buffer overrun

From:	Gary Lin
Subject:	[PATCH v13 05/20] libtasn1: fix the potential buffer overrun
Date:	Thu, 25 Apr 2024 16:01:51 +0800

In _asn1_tag_der(), the first while loop for the long form may end up
with a 'k' value with 'ASN1_MAX_TAG_SIZE' and cause the buffer overrun
in the second while loop. This commit tweaks the conditional check to
avoid producing a too large 'k'.

This is a quick fix and may differ from the official upstream fix.

libtasn1 issue: https://gitlab.com/gnutls/libtasn1/-/issues/49

Signed-off-by: Gary Lin <glin@suse.com>
---
 grub-core/lib/libtasn1/lib/coding.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/grub-core/lib/libtasn1/lib/coding.c 
b/grub-core/lib/libtasn1/lib/coding.c
index 5d03bca9d..0458829a5 100644
--- a/grub-core/lib/libtasn1/lib/coding.c
+++ b/grub-core/lib/libtasn1/lib/coding.c
@@ -143,7 +143,7 @@ _asn1_tag_der (unsigned char class, unsigned int tag_value,
          temp[k++] = tag_value & 0x7F;
          tag_value >>= 7;
 
-         if (k > ASN1_MAX_TAG_SIZE - 1)
+         if (k >= ASN1_MAX_TAG_SIZE - 1)
            break;              /* will not encode larger tags */
        }
       *ans_len = k + 1;
-- 
2.35.3

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v13 00/20] Automatic Disk Unlock with TPM2, Gary Lin, 2024/04/25
- [PATCH v13 01/20] posix_wrap: tweaks in preparation for libtasn1, Gary Lin, 2024/04/25
- [PATCH v13 03/20] libtasn1: disable code not needed in grub, Gary Lin, 2024/04/25
- [PATCH v13 02/20] libtasn1: import libtasn1-4.19.0, Gary Lin, 2024/04/25
- [PATCH v13 04/20] libtasn1: changes for grub compatibility, Gary Lin, 2024/04/25
  - Re: [PATCH v13 04/20] libtasn1: changes for grub compatibility, Stefan Berger, 2024/04/30
- [PATCH v13 05/20] libtasn1: fix the potential buffer overrun, Gary Lin <=
- [PATCH v13 06/20] libtasn1: compile into asn1 module, Gary Lin, 2024/04/25
- [PATCH v13 08/20] libtasn1: Add the documentation, Gary Lin, 2024/04/25
  - Re: [PATCH v13 08/20] libtasn1: Add the documentation, Glenn Washburn, 2024/04/27
    - Re: [PATCH v13 08/20] libtasn1: Add the documentation, Gary Lin, 2024/04/29
- [PATCH v13 10/20] tpm2: Add TPM Software Stack (TSS), Gary Lin, 2024/04/25
- [PATCH v13 12/20] cryptodisk: Support key protectors, Gary Lin, 2024/04/25
- [PATCH v13 13/20] util/grub-protect: Add new tool, Gary Lin, 2024/04/25
- [PATCH v13 17/20] cryptodisk: wipe out the cached keys from protectors, Gary Lin, 2024/04/25
- [PATCH v13 11/20] key_protector: Add TPM2 Key Protector, Gary Lin, 2024/04/25
- [PATCH v13 09/20] key_protector: Add key protectors framework, Gary Lin, 2024/04/25

Prev by Date: [PATCH v13 04/20] libtasn1: changes for grub compatibility
Next by Date: [PATCH v13 06/20] libtasn1: compile into asn1 module
Previous by thread: Re: [PATCH v13 04/20] libtasn1: changes for grub compatibility
Next by thread: [PATCH v13 06/20] libtasn1: compile into asn1 module
Index(es):
- Date
- Thread