[PATCH] libtasn1: CVE-2021-46848

Peter Naulls Mon, 07 Nov 2022 07:18:44 -0800

On 11/3/22 12:01, Etienne Champetier wrote:

Hi Peter,


Can you resend this as a proper patch ready to be applied ?
Or as a PR on Github if this is easier for you ?


Sorry, retry. I wasn't 100% sure of the filename setup for submitted
patches. I've got a couple more to come.

As per:

https://nvd.nist.gov/vuln/detail/CVE-2021-46848

--- a/lib/int.h 2022-11-03 10:15:01.065656767 -0400
+++ b/lib/int.h 2022-11-03 10:15:39.333658083 -0400
@@ -97,7 +97,7 @@
 #define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
 #define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
 #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
-                          (etype) <= _asn1_tags_size && \
+                          (etype) < _asn1_tags_size && \
                           _asn1_tags[(etype)].desc != NULL)?1:0)

 #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \






_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

[PATCH] libtasn1: CVE-2021-46848

Reply via email to