[gnutls-devel] libtasn1 | Potential Buffer Overrun in _asn1_tag_der() (#49)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Feb 27 08:24:59 CET 2024
Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/49#note_1790518004
Thanks - your analysis looks correct. Did you look into if any call path to this function are vulnerable? I'll see if I can create a reproducer. Changing `>` to `>=' may work.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/49#note_1790518004
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20240227/0c26e2c4/attachment.html>
More information about the Gnutls-devel
mailing list