52 lines
1.5 KiB
Diff
52 lines
1.5 KiB
Diff
From b3243a754763f6df19351593781b88e277a324bc Mon Sep 17 00:00:00 2001
|
|
From: Daiki Ueno <ueno@gnu.org>
|
|
Date: Sun, 23 May 2021 18:28:57 +0200
|
|
Subject: [PATCH] rpc-server: Disable parsing CKF_ARRAY_ATTRIBUTE
|
|
|
|
This is a temporary measure to avoid oss-fuzz failure. When the
|
|
attribute array is nested, the current internal API cannot determine
|
|
the actual size of data that need to be stored, because ulValueLen is
|
|
set to the attribute count times sizeof(CK_ATTRIBUTE).
|
|
|
|
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
---
|
|
p11-kit/rpc-client.c | 5 +++++
|
|
p11-kit/rpc-server.c | 5 +++++
|
|
2 files changed, 10 insertions(+)
|
|
|
|
diff --git a/p11-kit/rpc-client.c b/p11-kit/rpc-client.c
|
|
index 6e9cd60..ae66375 100644
|
|
--- a/p11-kit/rpc-client.c
|
|
+++ b/p11-kit/rpc-client.c
|
|
@@ -241,6 +241,11 @@ proto_read_attribute_array (p11_rpc_message *msg,
|
|
return PARSE_ERROR;
|
|
}
|
|
|
|
+ if (temp.type & CKF_ARRAY_ATTRIBUTE) {
|
|
+ p11_debug("recursive attribute array is not supported");
|
|
+ return PARSE_ERROR;
|
|
+ }
|
|
+
|
|
/* Try and stuff it in the output data */
|
|
if (arr) {
|
|
CK_ATTRIBUTE *attr = &(arr[i]);
|
|
diff --git a/p11-kit/rpc-server.c b/p11-kit/rpc-server.c
|
|
index 796a674..ba7240e 100644
|
|
--- a/p11-kit/rpc-server.c
|
|
+++ b/p11-kit/rpc-server.c
|
|
@@ -323,6 +323,11 @@ proto_read_attribute_array (p11_rpc_message *msg,
|
|
return PARSE_ERROR;
|
|
}
|
|
|
|
+ if (temp.type & CKF_ARRAY_ATTRIBUTE) {
|
|
+ p11_debug("recursive attribute array is not supported");
|
|
+ return PARSE_ERROR;
|
|
+ }
|
|
+
|
|
attrs[i].type = temp.type;
|
|
|
|
/* Whether this one is valid or not */
|
|
--
|
|
1.8.3.1
|
|
|