grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v16 08/20] libtasn1: Add the documentation


From: Gary Lin
Subject: [PATCH v16 08/20] libtasn1: Add the documentation
Date: Wed, 15 May 2024 13:07:00 +0800

Document libtasn1 in docs/grub-dev.texi and add the upgrade steps.
Also add the patches to make libtasn1 compatible with grub code.

Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com>
---
 docs/grub-dev.texi                            |  34 ++
 ...asn1-disable-code-not-needed-in-grub.patch | 320 ++++++++++++++++++
 ...tasn1-changes-for-grub-compatibility.patch | 135 ++++++++
 ...sn1-fix-the-potential-buffer-overrun.patch |  35 ++
 4 files changed, 524 insertions(+)
 create mode 100644 
grub-core/lib/libtasn1-patches/0001-libtasn1-disable-code-not-needed-in-grub.patch
 create mode 100644 
grub-core/lib/libtasn1-patches/0002-libtasn1-changes-for-grub-compatibility.patch
 create mode 100644 
grub-core/lib/libtasn1-patches/0003-libtasn1-fix-the-potential-buffer-overrun.patch

diff --git a/docs/grub-dev.texi b/docs/grub-dev.texi
index 1276c5930..0cd419390 100644
--- a/docs/grub-dev.texi
+++ b/docs/grub-dev.texi
@@ -506,6 +506,7 @@ to update it.
 * Gnulib::
 * jsmn::
 * minilzo::
+* libtasn1::
 @end menu
 
 @node Gnulib
@@ -596,6 +597,39 @@ cp minilzo-2.10/*.[hc] grub-core/lib/minilzo
 rm -r minilzo-2.10*
 @end example
 
+@node libtasn1
+@section libtasn1
+
+libtasn1 is a library providing Abstract Syntax Notation One (ASN.1, as
+specified by the X.680 ITU-T recommendation) parsing and structures management,
+and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding
+functions.
+
+To upgrade to a new version of the libtasn1 library, download the release
+tarball and copy the files into the target directory:
+
+@example
+curl -L -O https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.19.0.tar.gz
+tar -zxf libtasn1-4.19.0.tar.gz
+rm -r grub-core/lib/libtasn1/
+mkdir libtasn1/lib
+mkdir -p grub-core/lib/libtasn1/lib/
+cp libtasn1-4.19.0/@lbracechar{}README.md,COPYING@rbracechar{} 
grub-core/lib/libtasn1/
+cp 
libtasn1-4.19.0/lib/@lbracechar{}coding.c,decoding.c,element.c,element.h,errors.c,gstr.c,gstr.h,int.h,parser_aux.c,parser_aux.h,structure.c,structure.h@rbracechar{}
 grub-core/lib/libtasn1/lib/
+cp libtasn1-4.19.0/lib/includes/libtasn1.h include/grub/
+rm -rf libtasn1-4.19.0
+@end example
+
+After upgrading the library, it may be necessary to apply the patches in
+@file{grub-core/lib/libtasn1-patches/} to adjust the code to be compatible with
+grub. These patches were needed to use the current version of libtasn1. The
+existing patches may not apply cleanly, apply at all, or even be needed for a
+newer version of the library, and other patches maybe needed due to changes in
+the newer version. If existing patches need to be refreshed to apply cleanly,
+please include updated patches as part of the a patch set sent to the list.
+If new patches are needed or existing patches are not needed, also please send
+additions or removals as part of any patch set upgrading libtasn1.
+
 @node Debugging
 @chapter Debugging
 
diff --git 
a/grub-core/lib/libtasn1-patches/0001-libtasn1-disable-code-not-needed-in-grub.patch
 
b/grub-core/lib/libtasn1-patches/0001-libtasn1-disable-code-not-needed-in-grub.patch
new file mode 100644
index 000000000..e3264409f
--- /dev/null
+++ 
b/grub-core/lib/libtasn1-patches/0001-libtasn1-disable-code-not-needed-in-grub.patch
@@ -0,0 +1,320 @@
+From 715f65934a120730316751536194ec5ed86aed9c Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Fri, 1 May 2020 17:12:23 +1000
+Subject: [PATCH 1/3] libtasn1: disable code not needed in grub
+
+We don't expect to be able to write ASN.1, only read it,
+so we can disable some code.
+
+Do that with #if 0/#endif, rather than deletion. This means
+that the difference between upstream and grub is smaller,
+which should make updating libtasn1 easier in the future.
+
+With these exclusions we also avoid the need for minmax.h,
+which is convenient because it means we don't have to
+import it from gnulib.
+
+Cc: Vladimir Serbinenko <phcoder@gmail.com>
+Signed-off-by: Daniel Axtens <dja@axtens.net>
+Signed-off-by: Gary Lin <glin@suse.com>
+---
+ grub-core/lib/libtasn1/lib/coding.c    | 12 ++++++++++--
+ grub-core/lib/libtasn1/lib/decoding.c  |  2 ++
+ grub-core/lib/libtasn1/lib/element.c   |  6 +++---
+ grub-core/lib/libtasn1/lib/errors.c    |  3 +++
+ grub-core/lib/libtasn1/lib/structure.c | 10 ++++++----
+ include/grub/libtasn1.h                | 15 +++++++++++++++
+ 6 files changed, 39 insertions(+), 9 deletions(-)
+
+diff --git a/grub-core/lib/libtasn1/lib/coding.c 
b/grub-core/lib/libtasn1/lib/coding.c
+index ea5bc370e..5d03bca9d 100644
+--- a/grub-core/lib/libtasn1/lib/coding.c
++++ b/grub-core/lib/libtasn1/lib/coding.c
+@@ -30,11 +30,11 @@
+ #include "parser_aux.h"
+ #include <gstr.h>
+ #include "element.h"
+-#include "minmax.h"
+ #include <structure.h>
+ 
+ #define MAX_TAG_LEN 16
+ 
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /******************************************************/
+ /* Function : _asn1_error_description_value_not_found */
+ /* Description: creates the ErrorDescription string   */
+@@ -58,6 +58,7 @@ _asn1_error_description_value_not_found (asn1_node node,
+   Estrcat (ErrorDescription, "' not found");
+ 
+ }
++#endif
+ 
+ /**
+  * asn1_length_der:
+@@ -244,6 +245,7 @@ asn1_encode_simple_der (unsigned int etype, const unsigned 
char *str,
+   return ASN1_SUCCESS;
+ }
+ 
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /******************************************************/
+ /* Function : _asn1_time_der                          */
+ /* Description: creates the DER coding for a TIME     */
+@@ -278,7 +280,7 @@ _asn1_time_der (unsigned char *str, int str_len, unsigned 
char *der,
+ 
+   return ASN1_SUCCESS;
+ }
+-
++#endif
+ 
+ /*
+ void
+@@ -519,6 +521,7 @@ asn1_bit_der (const unsigned char *str, int bit_len,
+ }
+ 
+ 
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /******************************************************/
+ /* Function : _asn1_complete_explicit_tag             */
+ /* Description: add the length coding to the EXPLICIT */
+@@ -595,6 +598,7 @@ _asn1_complete_explicit_tag (asn1_node node, unsigned char 
*der,
+ 
+   return ASN1_SUCCESS;
+ }
++#endif
+ 
+ const tag_and_class_st _asn1_tags[] = {
+   [ASN1_ETYPE_GENERALSTRING] =
+@@ -647,6 +651,8 @@ const tag_and_class_st _asn1_tags[] = {
+ 
+ unsigned int _asn1_tags_size = sizeof (_asn1_tags) / sizeof (_asn1_tags[0]);
+ 
++
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /******************************************************/
+ /* Function : _asn1_insert_tag_der                    */
+ /* Description: creates the DER coding of tags of one */
+@@ -1423,3 +1429,5 @@ error:
+   asn1_delete_structure (&node);
+   return err;
+ }
++
++#endif
+diff --git a/grub-core/lib/libtasn1/lib/decoding.c 
b/grub-core/lib/libtasn1/lib/decoding.c
+index b9245c486..bf9cb13ac 100644
+--- a/grub-core/lib/libtasn1/lib/decoding.c
++++ b/grub-core/lib/libtasn1/lib/decoding.c
+@@ -1620,6 +1620,7 @@ asn1_der_decoding (asn1_node * element, const void 
*ider, int ider_len,
+   return asn1_der_decoding2 (element, ider, &ider_len, 0, errorDescription);
+ }
+ 
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /**
+  * asn1_der_decoding_element:
+  * @structure: pointer to an ASN1 structure
+@@ -1650,6 +1651,7 @@ asn1_der_decoding_element (asn1_node * structure, const 
char *elementName,
+ {
+   return asn1_der_decoding (structure, ider, len, errorDescription);
+ }
++#endif
+ 
+ /**
+  * asn1_der_decoding_startEnd:
+diff --git a/grub-core/lib/libtasn1/lib/element.c 
b/grub-core/lib/libtasn1/lib/element.c
+index d4c558e10..bc4c3c8d7 100644
+--- a/grub-core/lib/libtasn1/lib/element.c
++++ b/grub-core/lib/libtasn1/lib/element.c
+@@ -118,7 +118,7 @@ _asn1_convert_integer (const unsigned char *value, 
unsigned char *value_out,
+       value_out[k2 - k] = val[k2];
+     }
+ 
+-#if 0
++#if 0 /* GRUB SKIPPED IMPORTING */
+   printf ("_asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len);
+   for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++)
+     printf (", vOut[%d]=%d", k, value_out[k]);
+@@ -191,7 +191,7 @@ _asn1_append_sequence_set (asn1_node node, struct 
node_tail_cache_st *pcache)
+   return ASN1_SUCCESS;
+ }
+ 
+-
++#if 0
+ /**
+  * asn1_write_value:
+  * @node_root: pointer to a structure
+@@ -646,7 +646,7 @@ asn1_write_value (asn1_node node_root, const char *name,
+ 
+   return ASN1_SUCCESS;
+ }
+-
++#endif
+ 
+ #define PUT_VALUE( ptr, ptr_size, data, data_size) \
+       *len = data_size; \
+diff --git a/grub-core/lib/libtasn1/lib/errors.c 
b/grub-core/lib/libtasn1/lib/errors.c
+index aef5dfe6f..2b2322152 100644
+--- a/grub-core/lib/libtasn1/lib/errors.c
++++ b/grub-core/lib/libtasn1/lib/errors.c
+@@ -57,6 +57,8 @@ static const libtasn1_error_entry error_algorithms[] = {
+   {0, 0}
+ };
+ 
++
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /**
+  * asn1_perror:
+  * @error: is an error returned by a libtasn1 function.
+@@ -73,6 +75,7 @@ asn1_perror (int error)
+   const char *str = asn1_strerror (error);
+   fprintf (stderr, "LIBTASN1 ERROR: %s\n", str ? str : "(null)");
+ }
++#endif
+ 
+ /**
+  * asn1_strerror:
+diff --git a/grub-core/lib/libtasn1/lib/structure.c 
b/grub-core/lib/libtasn1/lib/structure.c
+index 512dd601f..f5a947d57 100644
+--- a/grub-core/lib/libtasn1/lib/structure.c
++++ b/grub-core/lib/libtasn1/lib/structure.c
+@@ -76,7 +76,7 @@ _asn1_find_left (asn1_node_const node)
+   return node->left;
+ }
+ 
+-
++#if 0 /* GRUB SKIPPED IMPORTING */
+ int
+ _asn1_create_static_structure (asn1_node_const pointer,
+                              char *output_file_name, char *vector_name)
+@@ -155,7 +155,7 @@ _asn1_create_static_structure (asn1_node_const pointer,
+ 
+   return ASN1_SUCCESS;
+ }
+-
++#endif
+ 
+ /**
+  * asn1_array2tree:
+@@ -721,7 +721,7 @@ asn1_create_element (asn1_node_const definitions, const 
char *source_name,
+   return res;
+ }
+ 
+-
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /**
+  * asn1_print_structure:
+  * @out: pointer to the output file (e.g. stdout).
+@@ -1062,7 +1062,7 @@ asn1_print_structure (FILE * out, asn1_node_const 
structure, const char *name,
+       }
+     }
+ }
+-
++#endif
+ 
+ 
+ /**
+@@ -1158,6 +1158,7 @@ asn1_find_structure_from_oid (asn1_node_const 
definitions,
+   return NULL;                        /* ASN1_ELEMENT_NOT_FOUND; */
+ }
+ 
++#if 0 /* GRUB SKIPPED IMPORTING */
+ /**
+  * asn1_copy_node:
+  * @dst: Destination asn1 node.
+@@ -1207,6 +1208,7 @@ asn1_copy_node (asn1_node dst, const char *dst_name,
+ 
+   return result;
+ }
++#endif
+ 
+ /**
+  * asn1_dup_node:
+diff --git a/include/grub/libtasn1.h b/include/grub/libtasn1.h
+index 51cc7879f..058ab27b0 100644
+--- a/include/grub/libtasn1.h
++++ b/include/grub/libtasn1.h
+@@ -318,6 +318,8 @@ extern "C"
+ /*  Functions definitions          */
+ /***********************************/
+ 
++/* These functions are not used in grub and should not be referenced. */
++# if 0 /* GRUB SKIPPED IMPORTING */
+   extern ASN1_API int
+     asn1_parser2tree (const char *file,
+                     asn1_node * definitions, char *error_desc);
+@@ -326,14 +328,17 @@ extern "C"
+     asn1_parser2array (const char *inputFileName,
+                      const char *outputFileName,
+                      const char *vectorName, char *error_desc);
++# endif
+ 
+   extern ASN1_API int
+     asn1_array2tree (const asn1_static_node * array,
+                    asn1_node * definitions, char *errorDescription);
+ 
++# if 0 /* GRUB SKIPPED IMPORTING */
+   extern ASN1_API void
+     asn1_print_structure (FILE * out, asn1_node_const structure,
+                         const char *name, int mode);
++# endif
+ 
+   extern ASN1_API int
+     asn1_create_element (asn1_node_const definitions,
+@@ -347,9 +352,11 @@ extern "C"
+   extern ASN1_API int
+     asn1_delete_element (asn1_node structure, const char *element_name);
+ 
++# if 0 /* GRUB SKIPPED IMPORTING */
+   extern ASN1_API int
+     asn1_write_value (asn1_node node_root, const char *name,
+                     const void *ivalue, int len);
++# endif
+ 
+   extern ASN1_API int
+     asn1_read_value (asn1_node_const root, const char *name,
+@@ -366,9 +373,11 @@ extern "C"
+     asn1_number_of_elements (asn1_node_const element, const char *name,
+                            int *num);
+ 
++# if 0 /* GRUB SKIPPED IMPORTING */
+   extern ASN1_API int
+     asn1_der_coding (asn1_node_const element, const char *name,
+                    void *ider, int *len, char *ErrorDescription);
++# endif
+ 
+   extern ASN1_API int
+     asn1_der_decoding2 (asn1_node * element, const void *ider,
+@@ -379,6 +388,7 @@ extern "C"
+     asn1_der_decoding (asn1_node * element, const void *ider,
+                      int ider_len, char *errorDescription);
+ 
++# if 0 /* GRUB SKIPPED IMPORTING */
+ /* Do not use. Use asn1_der_decoding() instead. */
+   extern ASN1_API int
+     asn1_der_decoding_element (asn1_node * structure,
+@@ -386,6 +396,7 @@ extern "C"
+                              const void *ider, int len,
+                              char *errorDescription)
+     _ASN1_GCC_ATTR_DEPRECATED;
++# endif
+ 
+   extern ASN1_API int
+     asn1_der_decoding_startEnd (asn1_node element,
+@@ -411,12 +422,16 @@ extern "C"
+                                                           const char
+                                                           *oidValue);
+ 
++# if 0 /* GRUB SKIPPED IMPORTING */
+     __LIBTASN1_PURE__
+     extern ASN1_API const char *asn1_check_version (const char *req_version);
++# endif
+ 
+   __LIBTASN1_PURE__ extern ASN1_API const char *asn1_strerror (int error);
+ 
++# if 0 /* GRUB SKIPPED IMPORTING */
+   extern ASN1_API void asn1_perror (int error);
++# endif
+ 
+ # define ASN1_MAX_TAG_SIZE 4
+ # define ASN1_MAX_LENGTH_SIZE 9
+-- 
+2.35.3
+
diff --git 
a/grub-core/lib/libtasn1-patches/0002-libtasn1-changes-for-grub-compatibility.patch
 
b/grub-core/lib/libtasn1-patches/0002-libtasn1-changes-for-grub-compatibility.patch
new file mode 100644
index 000000000..5ab885e91
--- /dev/null
+++ 
b/grub-core/lib/libtasn1-patches/0002-libtasn1-changes-for-grub-compatibility.patch
@@ -0,0 +1,135 @@
+From d13793c210999b256b46970b5f76d41a57e5c8fc Mon Sep 17 00:00:00 2001
+From: Daniel Axtens <dja@axtens.net>
+Date: Fri, 1 May 2020 20:44:29 +1000
+Subject: [PATCH 2/3] libtasn1: changes for grub compatibility
+
+Do a few things to make libtasn1 compile as part of grub:
+
+ - remove _asn1_strcat and replace strcat with the bound-checked
+   _asn1_str_cat except the one inside _asn1_str_cat. That strcat is
+   replaced with strcpy.
+
+ - adjust header paths in libtasn1.h
+
+ - adjust header paths to "grub/libtasn1.h".
+
+ - replace a 64 bit division with a call to grub_divmod64, preventing
+   creation of __udivdi3 calls on 32 bit platforms.
+
+Cc: Vladimir Serbinenko <phcoder@gmail.com>
+Signed-off-by: Daniel Axtens <dja@axtens.net>
+Signed-off-by: Gary Lin <glin@suse.com>
+---
+ grub-core/lib/libtasn1/lib/decoding.c   | 8 ++++----
+ grub-core/lib/libtasn1/lib/element.c    | 2 +-
+ grub-core/lib/libtasn1/lib/gstr.c       | 2 +-
+ grub-core/lib/libtasn1/lib/int.h        | 3 +--
+ grub-core/lib/libtasn1/lib/parser_aux.c | 2 +-
+ include/grub/libtasn1.h                 | 5 ++---
+ 6 files changed, 10 insertions(+), 12 deletions(-)
+
+diff --git a/grub-core/lib/libtasn1/lib/decoding.c 
b/grub-core/lib/libtasn1/lib/decoding.c
+index bf9cb13ac..51859fe36 100644
+--- a/grub-core/lib/libtasn1/lib/decoding.c
++++ b/grub-core/lib/libtasn1/lib/decoding.c
+@@ -2016,8 +2016,8 @@ asn1_expand_octet_string (asn1_node_const definitions, 
asn1_node * element,
+         (p2->type & CONST_ASSIGN))
+       {
+         strcpy (name, definitions->name);
+-        strcat (name, ".");
+-        strcat (name, p2->name);
++        _asn1_str_cat (name, sizeof (name), ".");
++        _asn1_str_cat (name, sizeof (name), p2->name);
+ 
+         len = sizeof (value);
+         result = asn1_read_value (definitions, name, value, &len);
+@@ -2034,8 +2034,8 @@ asn1_expand_octet_string (asn1_node_const definitions, 
asn1_node * element,
+             if (p2)
+               {
+                 strcpy (name, definitions->name);
+-                strcat (name, ".");
+-                strcat (name, p2->name);
++                _asn1_str_cat (name, sizeof (name), ".");
++                _asn1_str_cat (name, sizeof (name), p2->name);
+ 
+                 result = asn1_create_element (definitions, name, &aux);
+                 if (result == ASN1_SUCCESS)
+diff --git a/grub-core/lib/libtasn1/lib/element.c 
b/grub-core/lib/libtasn1/lib/element.c
+index bc4c3c8d7..8694fecb9 100644
+--- a/grub-core/lib/libtasn1/lib/element.c
++++ b/grub-core/lib/libtasn1/lib/element.c
+@@ -688,7 +688,7 @@ asn1_write_value (asn1_node node_root, const char *name,
+                 return ASN1_MEM_ERROR; \
+         } else { \
+                 /* this strcat is checked */ \
+-                if (ptr) _asn1_strcat (ptr, data); \
++                if (ptr) _asn1_str_cat ((char *)ptr, ptr_size, (const char 
*)data); \
+         }
+ 
+ /**
+diff --git a/grub-core/lib/libtasn1/lib/gstr.c 
b/grub-core/lib/libtasn1/lib/gstr.c
+index eef419554..a9c16f5d3 100644
+--- a/grub-core/lib/libtasn1/lib/gstr.c
++++ b/grub-core/lib/libtasn1/lib/gstr.c
+@@ -36,7 +36,7 @@ _asn1_str_cat (char *dest, size_t dest_tot_size, const char 
*src)
+ 
+   if (dest_tot_size - dest_size > str_size)
+     {
+-      strcat (dest, src);
++      strcpy (dest + dest_size, src);
+     }
+   else
+     {
+diff --git a/grub-core/lib/libtasn1/lib/int.h 
b/grub-core/lib/libtasn1/lib/int.h
+index d94d51c8c..7409c7655 100644
+--- a/grub-core/lib/libtasn1/lib/int.h
++++ b/grub-core/lib/libtasn1/lib/int.h
+@@ -35,7 +35,7 @@
+ #  include <sys/types.h>
+ # endif
+ 
+-# include <libtasn1.h>
++# include "grub/libtasn1.h"
+ 
+ # define ASN1_SMALL_VALUE_SIZE 16
+ 
+@@ -115,7 +115,6 @@ extern const tag_and_class_st _asn1_tags[];
+ # define _asn1_strtoul(n,e,b) strtoul((const char *) n, e, b)
+ # define _asn1_strcmp(a,b) strcmp((const char *)a, (const char *)b)
+ # define _asn1_strcpy(a,b) strcpy((char *)a, (const char *)b)
+-# define _asn1_strcat(a,b) strcat((char *)a, (const char *)b)
+ 
+ # if SIZEOF_UNSIGNED_LONG_INT == 8
+ #  define _asn1_strtou64(n,e,b) strtoul((const char *) n, e, b)
+diff --git a/grub-core/lib/libtasn1/lib/parser_aux.c 
b/grub-core/lib/libtasn1/lib/parser_aux.c
+index c05bd2339..e4e4c0556 100644
+--- a/grub-core/lib/libtasn1/lib/parser_aux.c
++++ b/grub-core/lib/libtasn1/lib/parser_aux.c
+@@ -632,7 +632,7 @@ _asn1_ltostr (int64_t v, char str[LTOSTR_MAX_SIZE])
+   count = 0;
+   do
+     {
+-      d = val / 10;
++      d = grub_divmod64(val, 10, NULL);
+       r = val - d * 10;
+       temp[start + count] = '0' + (char) r;
+       count++;
+diff --git a/include/grub/libtasn1.h b/include/grub/libtasn1.h
+index 058ab27b0..7d64b6ab7 100644
+--- a/include/grub/libtasn1.h
++++ b/include/grub/libtasn1.h
+@@ -54,9 +54,8 @@
+ #  define __LIBTASN1_PURE__
+ # endif
+ 
+-# include <sys/types.h>
+-# include <time.h>
+-# include <stdio.h>           /* for FILE* */
++# include <grub/types.h>
++# include <grub/time.h>
+ 
+ # ifdef __cplusplus
+ extern "C"
+-- 
+2.35.3
+
diff --git 
a/grub-core/lib/libtasn1-patches/0003-libtasn1-fix-the-potential-buffer-overrun.patch
 
b/grub-core/lib/libtasn1-patches/0003-libtasn1-fix-the-potential-buffer-overrun.patch
new file mode 100644
index 000000000..2c4f4d394
--- /dev/null
+++ 
b/grub-core/lib/libtasn1-patches/0003-libtasn1-fix-the-potential-buffer-overrun.patch
@@ -0,0 +1,35 @@
+From 8f7c3c3b28a312f77499159c52f313487fba0d08 Mon Sep 17 00:00:00 2001
+From: Gary Lin <glin@suse.com>
+Date: Mon, 8 Apr 2024 14:57:21 +0800
+Subject: [PATCH 3/3] libtasn1: fix the potential buffer overrun
+
+In _asn1_tag_der(), the first while loop for the long form may end up
+with a 'k' value with 'ASN1_MAX_TAG_SIZE' and cause the buffer overrun
+in the second while loop. This commit tweaks the conditional check to
+avoid producing a too large 'k'.
+
+This is a quick fix and may differ from the official upstream fix.
+
+libtasn1 issue: https://gitlab.com/gnutls/libtasn1/-/issues/49
+
+Signed-off-by: Gary Lin <glin@suse.com>
+---
+ grub-core/lib/libtasn1/lib/coding.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/grub-core/lib/libtasn1/lib/coding.c 
b/grub-core/lib/libtasn1/lib/coding.c
+index 5d03bca9d..0458829a5 100644
+--- a/grub-core/lib/libtasn1/lib/coding.c
++++ b/grub-core/lib/libtasn1/lib/coding.c
+@@ -143,7 +143,7 @@ _asn1_tag_der (unsigned char class, unsigned int tag_value,
+         temp[k++] = tag_value & 0x7F;
+         tag_value >>= 7;
+ 
+-        if (k > ASN1_MAX_TAG_SIZE - 1)
++        if (k >= ASN1_MAX_TAG_SIZE - 1)
+           break;              /* will not encode larger tags */
+       }
+       *ans_len = k + 1;
+-- 
+2.35.3
+
-- 
2.35.3




reply via email to

[Prev in Thread] Current Thread [Next in Thread]