diff options
author | Wang Mingyu <wangmy@cn.fujitsu.com> | 2020-03-13 04:10:23 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2020-03-21 19:46:49 -0700 |
commit | 22862f7bdc690268ab44548576f002cf585a6f78 (patch) | |
tree | 8c7a90280969c99eeff4576f6fc9f68a7e78a6b8 /meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch | |
parent | 2cf6bc0e6de881e2385a3a0f2821b411cd1237dc (diff) | |
download | meta-openembedded-contrib-22862f7bdc690268ab44548576f002cf585a6f78.tar.gz |
opensc: CVE-2019-19479 CVE-2019-19480
Security Advisory
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19479
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19480
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch')
-rw-r--r-- | meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch new file mode 100644 index 0000000000..12c1f0b4af --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2019-19480.patch @@ -0,0 +1,34 @@ +From 6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 Mon Sep 17 00:00:00 2001 +From: Jakub Jelen <jjelen@redhat.com> +Date: Wed, 23 Oct 2019 09:22:44 +0200 +Subject: [PATCH] pkcs15-prkey: Simplify cleaning memory after failure + +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18478 + +Upstream-Status: Accepted +CVE: CVE-2019-19480 + +Reference to upstream patch: +https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7 +--- + src/libopensc/pkcs15-prkey.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/libopensc/pkcs15-prkey.c b/src/libopensc/pkcs15-prkey.c +index d3eee983..4b249582 100644 +--- a/src/libopensc/pkcs15-prkey.c ++++ b/src/libopensc/pkcs15-prkey.c +@@ -258,6 +258,10 @@ int sc_pkcs15_decode_prkdf_entry(struct sc_pkcs15_card *p15card, + memset(gostr3410_params, 0, sizeof(gostr3410_params)); + + r = sc_asn1_decode_choice(ctx, asn1_prkey, *buf, *buflen, buf, buflen); ++ if (r < 0) { ++ /* This might have allocated something. If so, clear it now */ ++ free(info.subject.value); ++ } + if (r == SC_ERROR_ASN1_END_OF_CONTENTS) + return r; + LOG_TEST_RET(ctx, r, "PrKey DF ASN.1 decoding failed"); +-- +2.17.1 + |