You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ghost
removed
untriaged
New issue has not been triaged by the area owner
in-pr
There is an active PR which will close this issue when it is merged
labels
Apr 26, 2022
ghost
locked as resolved and limited conversation to collaborators
May 26, 2022
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The following code will produce a stack overflow within
Pkcs12Kdf
.This overflows calculating the length of
P
, which causes a negative value to go in to thestackalloc
here:runtime/src/libraries/Common/src/System/Security/Cryptography/Pkcs12Kdf.cs
Lines 133 to 142 in 9a0b22a
This is an unusual use case to have a password that large, but we should probably have a
checked
arithmetic operation here.The text was updated successfully, but these errors were encountered: