Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
A
asn1c
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Libraries
asn1c
Commits
793982a5
Commit
793982a5
authored
7 years ago
by
Lev Walkin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fix XER decoder crash on maliciously constructed ENUMERATED input
parent
f5e333e9
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
8 additions
and
1 deletion
+8
-1
ChangeLog
ChangeLog
+7
-0
skeletons/INTEGER.c
skeletons/INTEGER.c
+1
-1
No files found.
ChangeLog
View file @
793982a5
0.9.??:
0.9.??:
FEATURES:
* Added OER support.
* Added OER support.
* Added LTE RRC example (Bi-Ruei, Chiu).
* Added LTE RRC example (Bi-Ruei, Chiu).
* Added IEEE 1609.2 example.
* Added IEEE 1609.2 example.
* Added SAE J2735 example.
* Added SAE J2735 example.
NOTABLE:
* converter-sample.c renamed into converter-example.c
* converter-sample.c renamed into converter-example.c
FIXES:
* CVE-2017-12966 verified not present.
* CVE-2017-12966 verified not present.
* Fix incomplete (failed) CHOICE XER decoding memory leak.
* Fix incomplete (failed) CHOICE XER decoding memory leak.
(Severity: medium; Security impact: medium)
(Severity: medium; Security impact: medium)
...
@@ -12,6 +17,8 @@
...
@@ -12,6 +17,8 @@
(Severity: low; Security impact: medium)
(Severity: low; Security impact: medium)
* Fix UPER string decoding constrained only by lower bound > 0
* Fix UPER string decoding constrained only by lower bound > 0
(Severity: low; Security impact: none)
(Severity: low; Security impact: none)
* Fix XER decoder crash on maliciously constructed ENUMERATED input.
(Severity: medium; Security impact: medium)
0.9.28: 2017-03-26
0.9.28: 2017-03-26
* PER decoding: avoid memory leak on error. By github.com/simo5
* PER decoding: avoid memory leak on error. By github.com/simo5
...
...
This diff is collapsed.
Click to expand it.
skeletons/INTEGER.c
View file @
793982a5
...
@@ -238,7 +238,7 @@ INTEGER__compar_enum2value(const void *kp, const void *am) {
...
@@ -238,7 +238,7 @@ INTEGER__compar_enum2value(const void *kp, const void *am) {
/* Compare strings */
/* Compare strings */
for
(
ptr
=
key
->
start
,
end
=
key
->
stop
,
name
=
el
->
enum_name
;
for
(
ptr
=
key
->
start
,
end
=
key
->
stop
,
name
=
el
->
enum_name
;
ptr
<
end
;
ptr
++
,
name
++
)
{
ptr
<
end
;
ptr
++
,
name
++
)
{
if
(
*
ptr
!=
*
name
)
if
(
*
ptr
!=
*
name
||
!*
name
)
return
*
(
const
unsigned
char
*
)
ptr
return
*
(
const
unsigned
char
*
)
ptr
-
*
(
const
unsigned
char
*
)
name
;
-
*
(
const
unsigned
char
*
)
name
;
}
}
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment