Overview

File libtasn1-CVE-2025-13151.patch of Package libtasn1.42182

From d276cc495a2a32b182c3c39851f1ba58f2d9f9b8 Mon Sep 17 00:00:00 2001
From: Vijay Sarvepalli <vssarvepalli@cert.org>
Date: Mon, 22 Dec 2025 12:24:27 -0500
Subject: [PATCH] Fix for CVE-2025-13151 Buffer overflow

Signed-off-by: Simon Josefsson <simon@josefsson.org>
---
 lib/decoding.c | 2 +-

Index: libtasn1-4.13/lib/decoding.c
===================================================================
--- libtasn1-4.13.orig/lib/decoding.c
+++ libtasn1-4.13/lib/decoding.c
@@ -1933,7 +1933,7 @@ int
 asn1_expand_octet_string (asn1_node definitions, asn1_node * element,
 			  const char *octetName, const char *objectName)
 {
-  char name[2 * ASN1_MAX_NAME_SIZE + 1], value[ASN1_MAX_NAME_SIZE];
+  char name[2 * ASN1_MAX_NAME_SIZE + 2], value[ASN1_MAX_NAME_SIZE];
   int retCode = ASN1_SUCCESS, result;
   int len, len2, len3;
   asn1_node p2, aux = NULL;
openSUSE Build Service is sponsored by
Places