Fixes #507 in LibTomCrypt
Fix a vulnerability in der_decode_utf8_string as specified here:
libtom/libtomcrypt#507

Patch manually picked from:
  libtom/libtomcrypt@25c26a3

[Joakim Bech: Extended commit message]
Acked-by: Joakim Bech <[email protected]>
Tested-by: Joakim Bech <[email protected]> (QEMU v7)
werew authored and jbech-linaro committed Oct 8, 2019
1 parent 0c76446 commit 2e3804e
Showing 1 changed file with 1 addition and 1 deletion.
Expand Up @@ -66,7 +66,7 @@ int der_decode_utf8_string(const unsigned char *in, unsigned long inlen,
/* count number of bytes */
for (z = 0; (tmp & 0x80) && (z <= 4); z++, tmp = (tmp << 1) & 0xFF);

if (z > 4 || (x + (z - 1) > inlen)) {
if (z == 1 || z > 4 || (x + (z - 1) > inlen)) {
return CRYPT_INVALID_PACKET;
}
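
Review bot: The added `z == 1` term in the `if` condition has no comment, and its purpose is not obvious from the expression alone. After the counting loop, `z == 1` means the lead byte has exactly one leading 1 bit (`10xxxxxx`), which in UTF-8 is a continuation byte and cannot start a character; a one-line comment above the check saying so would keep the term from being dropped in a later cleanup. The commit changes one file only, so no regression test accompanies the fix; a decoder test whose first content byte lies in the 0x80-0xBF range and which expects `CRYPT_INVALID_PACKET` would pin the behaviour. It is also worth confirming how `x + (z - 1) > inlen` evaluates for `z == 0`, since that depends on the type of `z`, which is not visible in this hunk.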
