Add Overflow check to DecodeAltNames input buffer access#5892
Merged
dgarske merged 2 commits intowolfSSL:masterfrom Dec 15, 2022
Merged
Add Overflow check to DecodeAltNames input buffer access#5892dgarske merged 2 commits intowolfSSL:masterfrom
dgarske merged 2 commits intowolfSSL:masterfrom
Conversation
dgarske
approved these changes
Dec 14, 2022
dgarske
requested changes
Dec 14, 2022
Member
dgarske
left a comment
dgarske
left a comment
There was a problem hiding this comment.
8 bit, trailing spaces or tabs:
./wolfcrypt/src/asn.c:17367: /* Verify idx can't overflow input buffer */
weird control chars, hard tabs, CRs, trailing whitespace:
./wolfcrypt/src/asn.c:17367: /* Verify idx can't overflow input buffer */
warning, overlong lines added:
/wolfcrypt/src/asn.c:17414 else if (current_byte == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_DIR_TYPE)) {
/wolfcrypt/src/asn.c:17608 else if (current_byte == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_OTHER_TYPE))
check-source-text fail_AB
exiting with status 1```
dgarske
approved these changes
Dec 15, 2022
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Add checks for issue found by OSS fuzz.
Fixes zd# #15333
Testing
Tested with provided reproduction code on ZD ticket #15333
Checklist