[gnutls-devel] libtasn1 | Potential Buffer Overrun in _asn1_tag_der() (#49)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Feb 27 08:41:28 CET 2024
Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/49#note_1790536153
For this to be triggered, `tag_value` has to be quite large -- maybe the function should do a `ETYPE_OK(tag_value)` before using it. Several of the callers do something like that already, so it is not clear it is easily exploitable.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/49#note_1790536153
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240227/0693115a/attachment-0001.html>
More information about the Gnutls-devel
mailing list