[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnunet] 04/05: util: Fix possible integer overflows in CERT handling. F
|
From: |
gnunet |
|
Subject: |
[gnunet] 04/05: util: Fix possible integer overflows in CERT handling. Fixes #9323 |
|
Date: |
Tue, 05 Nov 2024 09:15:33 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
commit 38e93bade280e293608ec216a484eb4ba279ced6
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Tue Nov 5 09:12:28 2024 +0100
util: Fix possible integer overflows in CERT handling. Fixes #9323
---
src/lib/util/dnsparser.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lib/util/dnsparser.c b/src/lib/util/dnsparser.c
index 1931c37f1..824c177db 100644
--- a/src/lib/util/dnsparser.c
+++ b/src/lib/util/dnsparser.c
@@ -1145,8 +1145,9 @@ GNUNET_DNSPARSER_builder_add_cert (
#ifdef __clang__
#pragma clang diagnostic pop
#endif
- if (*off + sizeof(struct GNUNET_TUN_DnsCertRecord) + cert->certificate_size >
- dst_len)
+ GNUNET_assert (*off <= SIZE_MAX - sizeof (dcert));
+ GNUNET_assert (cert->certificate_size <= SIZE_MAX - *off - sizeof (dcert));
+ if (*off + sizeof(dcert) + cert->certificate_size > dst_len)
return GNUNET_NO;
dcert.cert_type = htons ((uint16_t) cert->cert_type);
dcert.cert_tag = htons ((uint16_t) cert->cert_tag);
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.