View Issue Details

IDProjectCategoryView StatusLast Update
0007634GNUnetreclaimpublic2023-06-01 20:26
Reporterulfvonbelow Assigned Toschanzen  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product VersionGit master 
Target Version0.19.4Fixed in Version0.19.4 
Summary0007634: Buffer one-too-small in DID_identity_to_did
DescriptionNeeds room for the null terminator. sscanf writes 1 byte past the end of pkey_str.
Steps To Reproduce./configure --enable-sanitizer
make
make install
make check
Additional InformationPatch attached.
Tagsbug, patch
Attached Files
0001-RECLAIM-fix-1-byte-overflow-in-DID_did_to_pkey.patch (911 bytes)   
From 555952e3d75bdba717534237d9b2aad50fe38d24 Mon Sep 17 00:00:00 2001
From: ulfvonbelow <strilen@tilde.club>
Date: Sun, 29 Jan 2023 06:10:49 -0600
Subject: [PATCH] RECLAIM: fix 1-byte overflow in DID_did_to_pkey.

Needs to be able to fit a null-terminator as well.
---
 src/reclaim/did_helper.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/reclaim/did_helper.c b/src/reclaim/did_helper.c
index 5600b7440..17f3b21b2 100644
--- a/src/reclaim/did_helper.c
+++ b/src/reclaim/did_helper.c
@@ -78,7 +78,7 @@ DID_identity_to_did (struct GNUNET_IDENTITY_Ego *ego)
 enum GNUNET_GenericReturnValue
 DID_did_to_pkey (const char *did, struct GNUNET_IDENTITY_PublicKey *pkey)
 {
-  char pkey_str[MAX_DID_SPECIFIC_IDENTIFIER_LENGTH];
+  char pkey_str[MAX_DID_SPECIFIC_IDENTIFIER_LENGTH + 1]; /* 0-term */
 
   if ((1 != (sscanf (did,
                      GNUNET_DID_METHOD_PREFIX "%"
-- 
2.38.1

Activities

schanzen

2023-06-01 20:26

administrator   ~0020233

released some time ago

Issue History

Date Modified Username Field Change
2023-01-29 22:34 ulfvonbelow New Issue
2023-01-29 22:34 ulfvonbelow Tag Attached: bug
2023-01-29 22:34 ulfvonbelow Tag Attached: patch
2023-01-29 22:34 ulfvonbelow File Added: 0001-RECLAIM-fix-1-byte-overflow-in-DID_did_to_pkey.patch
2023-02-06 06:09 schanzen Assigned To => schanzen
2023-02-06 06:09 schanzen Status new => resolved
2023-02-06 06:09 schanzen Resolution open => fixed
2023-02-06 06:09 schanzen Fixed in Version => 0.19.4
2023-02-06 06:19 schanzen Target Version => 0.19.4
2023-06-01 20:26 schanzen Note Added: 0020233
2023-06-01 20:26 schanzen Status resolved => closed