Uploaded image for project: 'Santuario'
  1. Santuario
  2. SANTUARIO-447

XSECCryptoX509::loadX509PEM() can read past unterminated buffer

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • C++ 1.7.3
    • C++ 2.0.0
    • C++
    • None

    Description

      If XSECCryptoX509::loadX509PEM(buf, len) is called with a nonzero len argument, it makes a zero-terminated copy (b) of the passed buffer, but still calls strstr() on the buf pointer passed to the function, not on b. This lets strstr() read past the memory region designated by the caller.

      Attachments

        Activity

          People

            scantor Scott Cantor
            wferi Ferenc W√°gner
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: