From 400e49a7b1656eb7a54e8324f1dfa8988d36ecb8 Mon Sep 17 00:00:00 2001
From: yixiangzhike
Date: Wed, 8 Jun 2022 11:14:02 +0800
Subject: [PATCH] fix fuzz issues
Signed-off-by: yixiangzhike
---
 fix-memleaks-in-asn1-arrat2tree.patch | 90 +++++++++++++++++++++++++++
 libtasn1.spec | 7 ++-
 2 files changed, 96 insertions(+), 1 deletion(-)
 create mode 100644 fix-memleaks-in-asn1-arrat2tree.patch
diff --git a/fix-memleaks-in-asn1-arrat2tree.patch b/fix-memleaks-in-asn1-arrat2tree.patch
new file mode 100644
index 0000000..14ec5f7
--- /dev/null
+++ b/fix-memleaks-in-asn1-arrat2tree.patch
@@ -0,0 +1,90 @@
+From ea0e4fc2567edfc0d20141025837e2bd9c64c0cb Mon Sep 17 00:00:00 2001
+From: opneErler BUildteam
+Date: Fri, 5 Jun 2020 15:46:37 +0800
+Subject: [PATCH] fix memleaks in asn1 arrat2tree
+
+---
+ lib/parser_aux.c | 2 +-
+ lib/structure.c | 20 +++++++++----
+ 2 files changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/lib/parser_aux.c b/lib/parser_aux.c
+index d5dbbf8..071f1be 100644
+--- a/lib/parser_aux.c
++++ b/lib/parser_aux.c
+@@ -767,7 +767,7 @@ _asn1_expand_object_id (list_type **list, asn1_node node)
+ return ASN1_ELEMENT_NOT_FOUND;
+
+ _asn1_set_down (p, p2->right);
+- if (p2->down)
++ while (p2->down)
+ _asn1_delete_structure (*list, &p2->down, 0);
+ _asn1_delete_node_from_list(*list, p2);
+ _asn1_remove_node (p2, 0);
+diff --git a/lib/structure.c b/lib/structure.c
+index 8189c56..6dfba58 100644
+--- a/lib/structure.c
++++ b/lib/structure.c
+@@ -207,13 +207,13 @@ asn1_array2tree (const asn1_static_node * array, asn1_node * definitions,
+
+ if (move == DOWN)
+ {
+- if (p_last && p_last->down)
++ while (p_last && p_last->down)
+ _asn1_delete_structure (e_list, &p_last->down, 0);
+ _asn1_set_down (p_last, p);
+ }
+ else if (move == RIGHT)
+ {
+- if (p_last && p_last->right)
++ while (p_last && p_last->right)
+ _asn1_delete_structure (e_list, &p_last->right, 0);
+ _asn1_set_right (p_last, p);
+ }
+@@ -317,7 +317,7 @@ int
+ _asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int flags)
+ {
+ asn1_node p, p2, p3;
+-
++ int flag_t = 1;
+ if (*structure == NULL)
+ return ASN1_ELEMENT_NOT_FOUND;
+
+@@ -347,7 +347,11 @@ _asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int f
+ {
+ p3 = _asn1_find_up (p);
+ if (p3)
++ {
+ _asn1_set_down (p3, p2);
++ p2 = NULL;
++ flag_t = 0;
++ }
+ else
+ {
+ if (p->right)
+@@ -355,15 +359,19 @@ _asn1_delete_structure (list_type *e_list, asn1_node * structure, unsigned int f
+ }
+ }
+ else
+- _asn1_set_right (p3, p2);
++ {
++ _asn1_set_right (p3,p2);
++ p2 = NULL;
++ flag_t = 0;
++ }
+ if (e_list)
+ _asn1_delete_node_from_list (e_list, p);
+ _asn1_remove_node (p, flags);
+- p = NULL;
++ p = p2;
+ }
+ }
+ }
+-
++if (flag_t)
+ *structure = NULL;
+ return ASN1_SUCCESS;
+ }
+--
+1.8.3.1
+
diff --git a/libtasn1.spec b/libtasn1.spec
index e973941..4ae1c66 100644
--- a/libtasn1.spec
+++ b/libtasn1.spec
@@ -1,7 +1,7 @@
 Summary: Libtasn1 is a ASN.1 parsing library
 Name: libtasn1
 Version: 4.17.0
-Release: 1
+Release: 2
 # The libtasn1 library is LGPLv2+, utilities are GPLv3+
 License: GPLv3+ and LGPLv2+
@@ -9,6 +9,8 @@ URL: http://www.gnu.org/software/libtasn1/
 Source0: http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz
 Source1: http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz.sig
+Patch0: fix-memleaks-in-asn1-arrat2tree.patch
+
 BuildRequires: gcc, autoconf, automake, libtool, gnupg2, bison, pkgconfig, help2man
 # when autoconf >= 2.71, the command autoreconf need gtk-doc package
 BuildRequires: gtk-doc
@@ -83,6 +85,9 @@ test "$1" = 0 -a -f %_infodir/%name.info.gz && \
 %{_infodir}/*.info.*
 %changelog
+* Wed Jun 8 2022 yixiangzhike - 4.17.0-2
+- fix fuzz issues
+
 * Thu Dec 16 2021 yixiangzhike - 4.17.0-1
 - update to 4.17.0
--
Gitee
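Review bot: In the last `lib/structure.c` hunk of the embedded patch, `_asn1_delete_structure` stops clearing `*structure` once `flag_t` has been set to 0, even though `_asn1_remove_node (p, flags)` has already released the node it was called on. That is sound only when `structure` is the very link that `_asn1_set_down (p3, p2)` or `_asn1_set_right (p3,p2)` just rewrote, as at the three call sites changed from `if` to `while` (`&p2->down`, `&p_last->down`, `&p_last->right`). A caller outside this patch that passes the address of some other pointer would presumably keep a pointer to freed memory, where the old code always returned it as NULL, so the remaining callers need an audit. The three `while` loops ignore the return value and end only if each call changes the link, so they depend on the same assumption. The contract should be stated above the function, for example `/* *structure is set to NULL only if the root was not relinked through _asn1_set_down/_asn1_set_right; otherwise it is valid only when it aliases the rewritten link */`; the function body starts and ends outside these hunks.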