Control: notfound 773470 2.1.1
On Thu 2014-12-18 13:32:24 -0500, Joshua Rogers wrote:
> Package: gnupg2
> Version: 2.1.1
>
> On line 1242 of app-nks.c, 'xtrymalloc' is called with 'datalen',
> which is calculated using "size_t datalen = oldpinlen + newpinlen"
The code you're talking about is here
Package: gnupg2
Version: 2.1.1
Severity: normal
Hi,
On line 1242 of app-nks.c, 'xtrymalloc' is called with 'datalen', which is
calculated using "size_t datalen = oldpinlen + newpinlen"
This does not account for the null-bytes, and may cause either a buffer
overflow, or other problems down the
2 matches
Mail list logo
