diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-23 11:10:04 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-23 11:10:06 +0100 |
| commit | 3d51e103a825f39dd8459fdc815345dd285b344a (patch) | |
| tree | 69acfd64feddf4a925e00286aaf676b176151e6e | |
| parent | f8506ee8f93ba83dcfcadd1ce755a00e8d22c935 (diff) | |
| download | gnutls-tmp-openpgp-cert-access-fix.tar.gz | |
opencdk: read_attribute: account buffer sizetmp-openpgp-cert-access-fix
That ensures that there is no read past the end of buffer.
Resolves the oss-fuzz found bug:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391
Relates: #159
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/opencdk/read-packet.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c index f5b180b072..d2c420c138 100644 --- a/lib/opencdk/read-packet.c +++ b/lib/opencdk/read-packet.c @@ -514,7 +514,7 @@ read_attribute(cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t attr, pktlen--; } - if (!len || *p != 1) { /* Currently only 1, meaning an image, is defined. */ + if (!len || pktlen == 0 || *p != 1) { /* Currently only 1, meaning an image, is defined. */ rc = CDK_Inv_Packet; goto error; } |