diff mbox series

CVE-2020-15888 - libtasn1

Message ID adfef3b7-12e2-c7fc-ea7b-28e49186087b@chocky.org
State Not Applicable
Delegated to: Petr Štetiar
Headers show
Series CVE-2020-15888 - libtasn1 | expand

Commit Message

Peter Naulls Nov. 3, 2022, 2:22 p.m. UTC
https://nvd.nist.gov/vuln/detail/CVE-2021-46848

Against openwrt-22.03



Regards.

Comments

Etienne Champetier Nov. 3, 2022, 4:01 p.m. UTC | #1
Hi Peter,

Can you resend this as a proper patch ready to be applied ?
Or as a PR on Github if this is easier for you ?

Le jeu. 3 nov. 2022 à 10:26, Peter Naulls <peter@chocky.org> a écrit :
>
>
> https://nvd.nist.gov/vuln/detail/CVE-2021-46848
>
> Against openwrt-22.03
>
> --- /dev/null
> +++ b/libs/libtasn1/patches/099-CVE-2020-15888.patch

CVE link and patch name do not match

> @@ -0,0 +1,11 @@
> +--- a/lib/int.h        2022-11-03 10:15:01.065656767 -0400
> ++++ b/lib/int.h        2022-11-03 10:15:39.333658083 -0400
> +@@ -97,7 +97,7 @@
> + #define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
> + #define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
> + #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
> +-                          (etype) <= _asn1_tags_size && \
> ++                          (etype) < _asn1_tags_size && \
> +                           _asn1_tags[(etype)].desc != NULL)?1:0)
> +
> + #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \
diff mbox series

Patch

--- /dev/null
+++ b/libs/libtasn1/patches/099-CVE-2020-15888.patch
@@ -0,0 +1,11 @@ 
+--- a/lib/int.h        2022-11-03 10:15:01.065656767 -0400
++++ b/lib/int.h        2022-11-03 10:15:39.333658083 -0400
+@@ -97,7 +97,7 @@
+ #define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
+ #define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
+ #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
+-                          (etype) <= _asn1_tags_size && \
++                          (etype) < _asn1_tags_size && \
+                           _asn1_tags[(etype)].desc != NULL)?1:0)
+
+ #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \