Re: [PATCH v17 05/20] libtasn1: fix the potential buffer overrun

2024-06-17 Thread Daniel Kiper via Grub-devel
On Fri, Jun 14, 2024 at 02:45:38PM +0800, Gary Lin wrote: > In _asn1_tag_der(), the first while loop for the long form may end up > with a 'k' value with 'ASN1_MAX_TAG_SIZE' and cause the buffer overrun > in the second while loop. This commit tweaks the conditional check to > avoid producing a too

[PATCH v17 05/20] libtasn1: fix the potential buffer overrun

2024-06-13 Thread Gary Lin via Grub-devel
In _asn1_tag_der(), the first while loop for the long form may end up with a 'k' value with 'ASN1_MAX_TAG_SIZE' and cause the buffer overrun in the second while loop. This commit tweaks the conditional check to avoid producing a too large 'k'. This is a quick fix and may differ from the official u