[PATCH gnupg] common: Fix read buffer over-read in uncompress_ecc_q_in_canon_sexp.
Werner Koch
wk at gnupg.org
Sat May 24 13:24:41 CEST 2025
On Fri, 23 May 2025 23:52, Collin Funk said:
> - else if (toklen == 10 || !memcmp ("public-key", tok, toklen))
> + else if (toklen == 10 && !memcmp ("public-key", tok, toklen))
Uiih, a classic brown paper bag bug for me. Fortunately the code is
only used by PKCS#15 cards as an early check for a proper public key.
Thanks. Will be applied soon.
Salam-Shalom,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 247 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20250524/7f07a097/attachment.sig>
More information about the Gnupg-devel
mailing list