mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
sm: Fix a bug in the rfc2253 parser
* sm/certdump.c (parse_dn_part): Fix parser flaw. -- This could in theory result in reading bytes after a after Nul in a string and thus possible segv on unallocated memory or reading other parts of the memory. However, it is harmless because the rfc2253 strings have been constructed by libksba. GnuPG-bug-id: 5037 Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
d45e92cf88
commit
16c1d8a14e
@ -448,7 +448,7 @@ parse_dn_part (struct dn_array_s *array, const unsigned char *string)
|
||||
{ /* hexstring */
|
||||
string++;
|
||||
for (s=string; hexdigitp (s); s++)
|
||||
s++;
|
||||
;
|
||||
n = s - string;
|
||||
if (!n || (n & 1))
|
||||
return NULL; /* Empty or odd number of digits. */
|
||||
|
Loading…
x
Reference in New Issue
Block a user