aboutsummaryrefslogtreecommitdiffstats
path: root/lib/asn1
diff options
context:
space:
mode:
authorSverker Eriksson <[email protected]>2010-02-18 14:59:46 +0000
committerErlang/OTP <[email protected]>2010-02-18 14:59:46 +0000
commit3a44b99cc6f14a87242e2dddc57f191f853cfd90 (patch)
treeacb6f863b54412f0b42f998711ba34e45216e665 /lib/asn1
parente68da67280480bcd51e1a38372e5671a38082f82 (diff)
downloadotp-3a44b99cc6f14a87242e2dddc57f191f853cfd90.tar.gz
otp-3a44b99cc6f14a87242e2dddc57f191f853cfd90.tar.bz2
otp-3a44b99cc6f14a87242e2dddc57f191f853cfd90.zip
OTP-8451 Harmless buffer overflow by one byte in asn1 and ram_file_drv.
Diffstat (limited to 'lib/asn1')
-rw-r--r--lib/asn1/c_src/asn1_erl_driver.c16
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/asn1/c_src/asn1_erl_driver.c b/lib/asn1/c_src/asn1_erl_driver.c
index cd2e63a363..fd284e5800 100644
--- a/lib/asn1/c_src/asn1_erl_driver.c
+++ b/lib/asn1/c_src/asn1_erl_driver.c
@@ -1,19 +1,19 @@
/*
* %CopyrightBegin%
- *
- * Copyright Ericsson AB 2002-2009. All Rights Reserved.
- *
+ *
+ * Copyright Ericsson AB 2002-2010. All Rights Reserved.
+ *
* The contents of this file are subject to the Erlang Public License,
* Version 1.1, (the "License"); you may not use this file except in
* compliance with the License. You should have received a copy of the
* Erlang Public License along with this software. If not, it can be
* retrieved online at http://www.erlang.org/.
- *
+ *
* Software distributed under the License is distributed on an "AS IS"
* basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
* the License for the specific language governing rights and limitations
* under the License.
- *
+ *
* %CopyrightEnd%
*
*/
@@ -206,7 +206,11 @@ int asn1_drv_control(ErlDrvData handle,
set_port_control_flags(a_data->port, PORT_CONTROL_FLAG_BINARY);
if (command == ASN1_COMPLETE)
- { /* Do the PER complete encode step */
+ {
+ if (buf_len==0) {
+ return 0; /* Avoid binary buffer overwrite (OTP-8451) */
+ }
+ /* Do the PER complete encode step */
if ((drv_binary = driver_alloc_binary(buf_len))==NULL) {
/* error handling */
set_port_control_flags(a_data->port, 0);