Menu
▾
▴
[Opensc-commits] [OpenSC/OpenSC] b28a3c: openpgp: Do not accept non-matching key responses
|
From: Jakub J. <no...@gi...> - 2024-08-19 09:31:34
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: b28a3cef416fcfb92fbb9ea7fd3c71df52c6c9fc https://github.com/OpenSC/OpenSC/commit/b28a3cef416fcfb92fbb9ea7fd3c71df52c6c9fc Author: Jakub Jelen <jj...@re...> Date: 2024-08-19 (Mon, 19 Aug 2024) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- openpgp: Do not accept non-matching key responses When generating RSA key pair using PKCS#15 init, the driver could accept responses relevant to ECC keys, which made further processing in the pkcs15-init failing/accessing invalid parts of structures. Thanks oss-fuzz! https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=71010 Signed-off-by: Jakub Jelen <jj...@re...> Commit: 02e847458369c08421fd2d5e9a16a5f272c2de9e https://github.com/OpenSC/OpenSC/commit/02e847458369c08421fd2d5e9a16a5f272c2de9e Author: Jakub Jelen <jj...@re...> Date: 2024-08-19 (Mon, 19 Aug 2024) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- openpgp: Avoid buffer overflow when writing fingerprint Fix also surrounding code to return error (not just log it) when some step fails. Thanks oss-fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70933 Signed-off-by: Jakub Jelen <jj...@re...> Commit: 6eeeae7ab0436f85bc9e8c7e9ad1931cd982aed7 https://github.com/OpenSC/OpenSC/commit/6eeeae7ab0436f85bc9e8c7e9ad1931cd982aed7 Author: Jakub Jelen <jj...@re...> Date: 2024-08-19 (Mon, 19 Aug 2024) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- openpgp: Set the ecpoint_len based on received length This avoids buffer overrun later when the further processing assumes the length is a field length Signed-off-by: Jakub Jelen <jj...@re...> Commit: 1ab2af78f0a7214404e9545c965b877327dc117d https://github.com/OpenSC/OpenSC/commit/1ab2af78f0a7214404e9545c965b877327dc117d Author: Jakub Jelen <jj...@re...> Date: 2024-08-19 (Mon, 19 Aug 2024) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- openpgp: Try to workaround the windows unsigned/signed issue Compare: https://github.com/OpenSC/OpenSC/compare/3b289b17866a...1ab2af78f0a7 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
