rpc-server: Disable parsing CKF_ARRAY_ATTRIBUTE
This commit is contained in:
panxiaohe
parent
bfeea168ae
commit
e0651682e6
@ -0,0 +1,51 @@
|
||||
From b3243a754763f6df19351593781b88e277a324bc Mon Sep 17 00:00:00 2001
|
||||
From: Daiki Ueno <ueno@gnu.org>
|
||||
Date: Sun, 23 May 2021 18:28:57 +0200
|
||||
Subject: [PATCH] rpc-server: Disable parsing CKF_ARRAY_ATTRIBUTE
|
||||
|
||||
This is a temporary measure to avoid oss-fuzz failure. When the
|
||||
attribute array is nested, the current internal API cannot determine
|
||||
the actual size of data that need to be stored, because ulValueLen is
|
||||
set to the attribute count times sizeof(CK_ATTRIBUTE).
|
||||
|
||||
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
||||
---
|
||||
p11-kit/rpc-client.c | 5 +++++
|
||||
p11-kit/rpc-server.c | 5 +++++
|
||||
2 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/p11-kit/rpc-client.c b/p11-kit/rpc-client.c
|
||||
index 6e9cd60..ae66375 100644
|
||||
--- a/p11-kit/rpc-client.c
|
||||
+++ b/p11-kit/rpc-client.c
|
||||
@@ -241,6 +241,11 @@ proto_read_attribute_array (p11_rpc_message *msg,
|
||||
return PARSE_ERROR;
|
||||
}
|
||||
|
||||
+ if (temp.type & CKF_ARRAY_ATTRIBUTE) {
|
||||
+ p11_debug("recursive attribute array is not supported");
|
||||
+ return PARSE_ERROR;
|
||||
+ }
|
||||
+
|
||||
/* Try and stuff it in the output data */
|
||||
if (arr) {
|
||||
CK_ATTRIBUTE *attr = &(arr[i]);
|
||||
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
|
||||
index 796a674..ba7240e 100644
|
||||
--- a/p11-kit/rpc-server.c
|
||||
+++ b/p11-kit/rpc-server.c
|
||||
@@ -323,6 +323,11 @@ proto_read_attribute_array (p11_rpc_message *msg,
|
||||
return PARSE_ERROR;
|
||||
}
|
||||
|
||||
+ if (temp.type & CKF_ARRAY_ATTRIBUTE) {
|
||||
+ p11_debug("recursive attribute array is not supported");
|
||||
+ return PARSE_ERROR;
|
||||
+ }
|
||||
+
|
||||
attrs[i].type = temp.type;
|
||||
|
||||
/* Whether this one is valid or not */
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: p11-kit
|
||||
Version: 0.23.20
|
||||
Release: 3
|
||||
Release: 4
|
||||
Summary: Provides a way to load and enumerate PKCS#11 modules.
|
||||
License: BSD
|
||||
URL: http://p11-glue.freedesktop.org/p11-kit.html
|
||||
@ -14,6 +14,7 @@ Patch2: backport-proxy-Fix-slot-ID-reuse-avoiding-duplicating-IDs.patch
|
||||
Patch3: backport-0001-CVE-2020-29361-Check-for-arithmetic-overflows-before-allocating.patch
|
||||
Patch4: backport-0002-CVE-2020-29361-Follow-up-to-arithmetic-overflow-fix.patch
|
||||
Patch5: backport-anchor-Exit-with-non-zero-code-if-any-error-occurs.patch
|
||||
Patch6: backport-rpc-server-Disable-parsing-CKF_ARRAY_ATTRIBUTE.patch
|
||||
|
||||
BuildRequires: gcc libtasn1-devel >= 2.3 libffi-devel gtk-doc systemd-devel pkgconfig(glib-2.0) libxslt
|
||||
BuildRequires: bash-completion
|
||||
@ -129,6 +130,9 @@ fi
|
||||
%{_datadir}/bash-completion/completions/trust
|
||||
|
||||
%changelog
|
||||
* Mon Dec 27 2021 panxiaohe <panxiaohe@huawei.com> - 0.23.20-4
|
||||
- rpc-server: Disable parsing CKF_ARRAY_ATTRIBUTE
|
||||
|
||||
* Sat Sep 18 2021 panxiaohe <panxiaohe@huawei.com> - 0.23.20-3
|
||||
- anchor: Exit with non-zero code, if any error occurs
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user