Menu
▾
▴
Re: [Opensc-devel] suggested small fix
|
From: Ludovic R. <lud...@gm...> - 2014-04-10 14:47:18
|
2014-04-10 15:03 GMT+02:00 Umberto Rustichelli aka Ubi <op...@se...>: > On 04/10/2014 02:57 PM, Umberto Rustichelli aka Ubi wrote: >> >> IMHO in opensc source, file src/tools/pkcs11-tool.c, function >> >> parse_certificate(struct x509cert_info *cert, >> unsigned char *data, int len) >> >> behaviour can potentially corrupt memory or lead to a segmentation fault. >> > > Well, to be precise if it corrupts memory, there are two possibilities: > the issue is trapped and the program exists with an error or there is a > segmentation fault. > No way the code will proceed with a corruption in memory without > stopping, which is of course a good thing. > > Comments? Do I miss somenting? Memory corruption can have very bad effects. I opened a pull request at https://github.com/OpenSC/OpenSC/pull/231 Thanks -- Dr. Ludovic Rousseau |
