2015-08-05 13:26:09

by David Howells

[permalink] [raw]
Subject: [GIT PULL] ASN.1 fixes

Hi James,

Can you pull these fixes for the ASN.1 compiler and decoder into the
security/next tree and also pass them onto Linus for immediate inclusion?

I've checked that the bugs fixed can't be used to compromise a system, so I
think they're survivable, but all the same, it's best if they're fixed
immediately (if I'm wrong, there's the possibility of handing memcpy() a
NULL pointer).

Here can be found a pair of programs to take BER/DER-encoded X.509 and
PKCS#7 and turn it into text which can be edited and turn the edited text
back into BER. This allows the ASN.1 to be butchered in interesting ways.

http://people.redhat.com/dhowells/asn1encode.c
http://people.redhat.com/dhowells/asn1decode.c

David
---

The following changes since commit 52721d9d3334c1cb1f76219a161084094ec634dc:

Linux 4.2-rc3 (2015-07-19 14:45:02 -0700)

are available in the git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git tags/asn1-fixes-20150805

for you to fetch changes up to 233ce79db4b23a174bcf30bde5d6ad913d5f46d3:

ASN.1: Handle 'ANY OPTIONAL' in grammar (2015-08-05 13:38:07 +0100)

----------------------------------------------------------------
ASN.1 fixes

----------------------------------------------------------------
David Howells (4):
ASN.1: Fix handling of CHOICE in ASN.1 compiler
ASN.1: Fix actions on CHOICE elements with IMPLICIT tags
ASN.1: Fix non-match detection failure on data overrun
ASN.1: Handle 'ANY OPTIONAL' in grammar

include/linux/asn1_ber_bytecode.h | 16 +++++++++++-----
lib/asn1_decoder.c | 27 +++++++++++++++++++++++----
scripts/asn1_compiler.c | 23 ++++++++++++++---------
3 files changed, 48 insertions(+), 18 deletions(-)


2015-08-07 03:08:55

by James Morris

[permalink] [raw]
Subject: Re: [GIT PULL] ASN.1 fixes

On Wed, 5 Aug 2015, David Howells wrote:

> Hi James,
>
> Can you pull these fixes for the ASN.1 compiler and decoder into the
> security/next tree and also pass them onto Linus for immediate inclusion?
>

Pulled to my -next branch, but it's too late really for 4.2, for this
class of bugfix.


--
James Morris
<[email protected]>

2015-08-07 07:47:31

by David Howells

[permalink] [raw]
Subject: Re: [GIT PULL] ASN.1 fixes

James Morris <[email protected]> wrote:

> Pulled to my -next branch, but it's too late really for 4.2, for this
> class of bugfix.

Thanks. That'll do.

David