From 9f57959147377e5ee13451a9d5fe6ba002aa20a5 Mon Sep 17 00:00:00 2001 From: Peter Korsgaard Date: Thu, 29 Dec 2016 00:01:54 +0100 Subject: [PATCH] cryptopp: fixup DOS newlines in CVE-2016-9939 patch The patch did contain the correct newlines, but they got stripped by patchwork so now the patch no longer applies. Signed-off-by: Peter Korsgaard --- ...-DoS-in-ASN.1-decoders-CVE-2016-9939.patch | 84 +++++++++---------- 1 file changed, 42 insertions(+), 42 deletions(-) diff --git a/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch b/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch index ea6ba7fae5..2d0f1d91da 100644 --- a/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch +++ b/package/cryptopp/0001-Fix-possible-DoS-in-ASN.1-decoders-CVE-2016-9939.patch @@ -14,56 +14,56 @@ index 297ff01..2e923ef 100644 --- a/asn.cpp +++ b/asn.cpp @@ -123,6 +123,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, SecByteBlock &str) - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - str.New(bc); - if (bc != bt.Get(str, bc)) + size_t bc; + if (!BERLengthDecode(bt, bc)) + BERDecodeError(); ++ if (bc > bt.MaxRetrievable()) ++ BERDecodeError(); + + str.New(bc); + if (bc != bt.Get(str, bc)) @@ -139,6 +141,8 @@ size_t BERDecodeOctetString(BufferedTransformation &bt, BufferedTransformation & - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - bt.TransferTo(str, bc); - return bc; + size_t bc; + if (!BERLengthDecode(bt, bc)) + BERDecodeError(); ++ if (bc > bt.MaxRetrievable()) ++ BERDecodeError(); + + bt.TransferTo(str, bc); + return bc; @@ -161,6 +165,8 @@ size_t BERDecodeTextString(BufferedTransformation &bt, std::string &str, byte as - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - SecByteBlock temp(bc); - if (bc != bt.Get(temp, bc)) + size_t bc; + if (!BERLengthDecode(bt, bc)) + BERDecodeError(); ++ if (bc > bt.MaxRetrievable()) ++ BERDecodeError(); + + SecByteBlock temp(bc); + if (bc != bt.Get(temp, bc)) @@ -188,6 +194,10 @@ size_t BERDecodeBitString(BufferedTransformation &bt, SecByteBlock &str, unsigne - size_t bc; - if (!BERLengthDecode(bt, bc)) - BERDecodeError(); -+ if (bc == 0) -+ BERDecodeError(); -+ if (bc > bt.MaxRetrievable()) -+ BERDecodeError(); - - byte unused; - if (!bt.Get(unused)) + size_t bc; + if (!BERLengthDecode(bt, bc)) + BERDecodeError(); ++ if (bc == 0) ++ BERDecodeError(); ++ if (bc > bt.MaxRetrievable()) ++ BERDecodeError(); + + byte unused; + if (!bt.Get(unused)) diff --git a/asn.h b/asn.h index ed9de52..33f0dd0 100644 --- a/asn.h +++ b/asn.h @@ -498,6 +498,8 @@ void BERDecodeUnsigned(BufferedTransformation &in, T &w, byte asnTag = INTEGER, - bool definite = BERLengthDecode(in, bc); - if (!definite) - BERDecodeError(); -+ if (bc > in.MaxRetrievable()) -+ BERDecodeError(); - - SecByteBlock buf(bc); - + bool definite = BERLengthDecode(in, bc); + if (!definite) + BERDecodeError(); ++ if (bc > in.MaxRetrievable()) ++ BERDecodeError(); + + SecByteBlock buf(bc); + -- 2.10.2 -- 2.30.2