diff options
| author | Peter Korsgaard <peter@korsgaard.com> | 2016-12-29 00:01:54 +0100 |
|---|---|---|
| committer | Peter Korsgaard <peter@korsgaard.com> | 2016-12-29 00:01:54 +0100 |
| commit | 9f57959147377e5ee13451a9d5fe6ba002aa20a5 (patch) | |
| tree | 7b7b7df2ed82b102980e938d8cbacaf3132f36a0 /package/cryptopp | |
| parent | e298cf06f6fe04bf6b52bddeee1a816054195ac4 (diff) | |
cryptopp: fixup DOS newlines in CVE-2016-9939 patch
The patch did contain the correct newlines, but they got stripped by
patchwork so now the patch no longer applies.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/cryptopp')
| -rw-r--r-- | package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch | 84 |
1 files changed, 42 insertions, 42 deletions
diff --git a/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch b/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch index ea6ba7fae..2d0f1d91d 100644 --- a/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch +++ b/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch @@ -14,56 +14,56 @@ index 297ff01..2e923ef 100644 --- a/asn.cpp +++ b/asn.cpp @@ -123,6 +123,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str) - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - str.New(bc); - if (bc != bt.Get(str, bc)) + size_t bc;
+ if (!BERLengthDecode(bt, bc))
+ BERDecodeError();
++ if (bc > bt.MaxRetrievable())
++ BERDecodeError();
+
+ str.New(bc);
+ if (bc != bt.Get(str, bc))
@@ -139,6 +141,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, BufferedTransformation & - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - bt.TransferTo(str, bc); - return bc; + size_t bc;
+ if (!BERLengthDecode(bt, bc))
+ BERDecodeError();
++ if (bc > bt.MaxRetrievable())
++ BERDecodeError();
+
+ bt.TransferTo(str, bc);
+ return bc;
@@ -161,6 +165,8 @@ size_t BERDecodeTextString(BufferedTransformation &bt, std::string &str, byte as - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - SecByteBlock temp(bc); - if (bc != bt.Get(temp, bc)) + size_t bc;
+ if (!BERLengthDecode(bt, bc))
+ BERDecodeError();
++ if (bc > bt.MaxRetrievable())
++ BERDecodeError();
+
+ SecByteBlock temp(bc);
+ if (bc != bt.Get(temp, bc))
@@ -188,6 +194,10 @@ size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigne - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc == 0) -+ BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - byte unused; - if (!bt.Get(unused)) + size_t bc;
+ if (!BERLengthDecode(bt, bc))
+ BERDecodeError();
++ if (bc == 0)
++ BERDecodeError();
++ if (bc > bt.MaxRetrievable())
++ BERDecodeError();
+
+ byte unused;
+ if (!bt.Get(unused))
diff --git a/asn.h b/asn.h index ed9de52..33f0dd0 100644 --- a/asn.h +++ b/asn.h @@ -498,6 +498,8 @@ void BERDecodeUnsigned(BufferedTransformation &in, T &w, byte asnTag = INTEGER, - bool definite = BERLengthDecode(in, bc); - if (!definite) - BERDecodeError(); -+ if (bc > in.MaxRetrievable()) -+ BERDecodeError(); - - SecByteBlock buf(bc); - + bool definite = BERLengthDecode(in, bc);
+ if (!definite)
+ BERDecodeError();
++ if (bc > in.MaxRetrievable())
++ BERDecodeError();
+
+ SecByteBlock buf(bc);
+
-- 2.10.2 |