[Bug 1511108] [NEW] Handle odd buffer lengths in checksum

Linn Crosetto linn at hpe.com
Wed Oct 28 20:39:31 UTC 2015


Public bug reported:

Buffers of odd length can be passed to the checksum, for example
signatures. This results in reading 1 byte beyond the buffer and can
produce an incorrect checksum if the extra byte is non-zero.

Attaching a patch changing csum_bytes() to prevent overflowing the
buffer, while taking the extra byte into account if the length is odd.
Tested with a UEFI binary containing an odd-length signature, and also
detach/attach on a binary signed with Microsoft signtool.

** Affects: sbsigntool (Ubuntu)
     Importance: Undecided
         Status: New

** Patch added: "0001-Handle-odd-buffer-lengths-in-checksum.patch"
   https://bugs.launchpad.net/bugs/1511108/+attachment/4507901/+files/0001-Handle-odd-buffer-lengths-in-checksum.patch
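
The failure mode in the report, as an added illustration (not the attached patch and not sbsigntool's code). It assumes a checksum over little-endian 16-bit words with end-around carry. The names `fold_add`, `csum_naive`, `csum_bounded` and `demo` and the sample bytes are constructed, and the over-read is modelled inside a 4-byte array so the program itself stays in bounds.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Add one 16-bit word and fold the carry back in (end-around carry). */
static uint16_t fold_add(uint16_t csum, uint16_t word)
{
    uint32_t sum = (uint32_t)csum + word;
    return (uint16_t)((sum >> 16) + (sum & 0xffff));
}

/* "Before" shape: steps by whole words, so an odd len also reads buf[len]. */
uint16_t csum_naive(uint16_t csum, const uint8_t *buf, size_t len)
{
    for (size_t i = 0; i < len; i += 2)
        csum = fold_add(csum, (uint16_t)(buf[i] | (buf[i + 1] << 8)));
    return csum;
}

/* "After" shape: complete words only, then the odd byte zero-extended. */
uint16_t csum_bounded(uint16_t csum, const uint8_t *buf, size_t len)
{
    size_t i;
    for (i = 0; i + 1 < len; i += 2)
        csum = fold_add(csum, (uint16_t)(buf[i] | (buf[i + 1] << 8)));
    if (len & 1)
        csum = fold_add(csum, buf[len - 1]);
    return csum;
}

/* Constructed sample: a 3-byte buffer followed by one neighbouring byte
 * that is not part of the data being checksummed. */
uint16_t demo(int bounded, uint8_t neighbour)
{
    uint8_t mem[4] = { 0x30, 0x82, 0x01, neighbour };
    return bounded ? csum_bounded(0, mem, 3) : csum_naive(0, mem, 3);
}

int main(void)
{
    printf("naive,   neighbour 0x00: 0x%04x\n", (unsigned)demo(0, 0x00));
    printf("naive,   neighbour 0xaa: 0x%04x\n", (unsigned)demo(0, 0xaa));
    printf("bounded, neighbour 0x00: 0x%04x\n", (unsigned)demo(1, 0x00));
    printf("bounded, neighbour 0xaa: 0x%04x\n", (unsigned)demo(1, 0xaa));
    return 0;
}
```

The naive variant matches the bounded one only when the neighbouring byte happens to be zero, which is why the defect can pass tests on zero-padded buffers.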
