
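diff --git a/lib/util/quickder.c b/lib/util/quickder.c
--- a/lib/util/quickder.c
+++ b/lib/util/quickder.c
@@ -757,6 +757,13 @@
                         }
 
                         case SEC_ASN1_BIT_STRING: {
+                            /* Can't be 8 or more spare bits, or any spare bits
+			     * if there are no octets. */
+                            if (temp.data[0] >= 8 || (temp.data[0] > 0 && temp.len == 1)) {
+                                PORT_SetError(SEC_ERROR_BAD_DER);
+                                rv = SECFailure;
+                                break;
+                            }
                             /* change the length in the SECItem to be the number
                                of bits */
                             temp.len = (temp.len - 1) * 8 - (temp.data[0] & 0x7);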
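Review bot: The new guard reads `temp.data[0]` before establishing that the BIT STRING actually carries its leading unused-bits octet, so a zero-length primitive BIT STRING (malformed DER, since that octet is mandatory) would read a byte that is not part of the element and then underflow the unsigned `(temp.len - 1) * 8` on the last line; unless a check earlier in the function, outside this hunk, already rejects `temp.len == 0`, the condition should begin with that test: `if (temp.len == 0 || temp.data[0] >= 8 || (temp.data[0] > 0 && temp.len == 1)) {`. With values of 8 or more now rejected, the `& 0x7` mask on the last line is redundant and deserves either removal or a comment such as `/* mask is defensive; values >= 8 were rejected above */`. The continuation line of the added comment is indented with a tab while the surrounding code uses spaces. The enclosing switch and function extend beyond the hunk on both sides.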