File libcryptopp-CVE-2016-9939.patch of Package libcryptopp.32010
Index: libcryptopp-5.6.5/asn.cpp
===================================================================
--- libcryptopp-5.6.5.orig/asn.cpp 2021-09-07 12:43:04.245957955 +0200
+++ libcryptopp-5.6.5/asn.cpp 2021-09-07 12:49:34.676301343 +0200
@@ -123,6 +123,8 @@ size_t BERDecodeOctetString(BufferedTran
size_t bc;
if (!BERLengthDecode(bt, bc))
BERDecodeError();
+ if (bc > bt.MaxRetrievable())
+ BERDecodeError();
str.New(bc);
if (bc != bt.Get(str, bc))
@@ -139,6 +141,8 @@ size_t BERDecodeOctetString(BufferedTran
size_t bc;
if (!BERLengthDecode(bt, bc))
BERDecodeError();
+ if (bc > bt.MaxRetrievable())
+ BERDecodeError();
bt.TransferTo(str, bc);
return bc;
@@ -161,6 +165,8 @@ size_t BERDecodeTextString(BufferedTrans
size_t bc;
if (!BERLengthDecode(bt, bc))
BERDecodeError();
+ if (bc > bt.MaxRetrievable())
+ BERDecodeError();
SecByteBlock temp(bc);
if (bc != bt.Get(temp, bc))
@@ -188,7 +194,10 @@ size_t BERDecodeBitString(BufferedTransf
size_t bc;
if (!BERLengthDecode(bt, bc))
BERDecodeError();
-
+ if (bc == 0)
+ BERDecodeError();
+ if (bc > bt.MaxRetrievable())
+ BERDecodeError();
byte unused;
if (!bt.Get(unused))
BERDecodeError();
Index: libcryptopp-5.6.5/asn.h
===================================================================
--- libcryptopp-5.6.5.orig/asn.h 2021-09-07 12:43:04.245957955 +0200
+++ libcryptopp-5.6.5/asn.h 2021-09-07 12:50:28.728625771 +0200
@@ -486,6 +486,8 @@ void BERDecodeUnsigned(BufferedTransform
bool definite = BERLengthDecode(in, bc);
if (!definite)
BERDecodeError();
+ if (bc > in.MaxRetrievable())
+ BERDecodeError();
SecByteBlock buf(bc);