• Ben Hutchings's avatar
    reglib: Validate all structure and array lengths · f4c3e3fc
    Ben Hutchings authored
    Add checks that:
    - Signature length does not exceed the file length (this was already
      checked, but did not account for signature lengths greater than 2 GB)
    - Database length is long enough for all structures we expect in it
    - Array length calculations will not overflow
    
    To keep these checks simple, change the types of array length and index
    variables to unsigned int (must be at least 32-bit, matching the file
    format) and the types of byte-length variables to size_t.
    
    Alexandre Rebert <alexandre@cmu.edu> reported and provided a test case
    for the signature length issue; the others I found by inspection.
    Signed-off-by: Ben Hutchings's avatarBen Hutchings <ben@decadent.org.uk>
    Signed-off-by: 's avatarLuis R. Rodriguez <mcgrof@do-not-panic.com>
    f4c3e3fc
Name
Last commit
Last update
debian-example Loading commit data...
pubkeys Loading commit data...
udev Loading commit data...
utils Loading commit data...
.gitignore Loading commit data...
LICENSE Loading commit data...
Makefile Loading commit data...
README Loading commit data...
crda.8 Loading commit data...
crda.c Loading commit data...
crda.spec Loading commit data...
intersect.c Loading commit data...
nl80211.h Loading commit data...
regdb.h Loading commit data...
regdbdump.8 Loading commit data...
regdbdump.c Loading commit data...
reglib.c Loading commit data...
reglib.h Loading commit data...