Bug 1215275

Summary: possible crash in libidn
Product: [Fedora] Fedora Reporter: Nikos Mavrogiannopoulos <nmavrogi>
Component: libidnAssignee: Miroslav Lichvar <mlichvar>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 21CC: mlichvar, puntogil
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-05-04 10:01:04 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
fix for memory access issue none

Description Nikos Mavrogiannopoulos 2015-04-24 21:16:49 UTC 
Created attachment 1018631 [details]
fix for memory access issue

I had an invalid memory access in gnutls, and I traced it back to libidn. That could result to a crash to programs using libidn to parse untrusted input. A fix is attached.

Reported upstream:
http://permalink.gmane.org/gmane.comp.gnu.libidn.general/573
Comment 1 Miroslav Lichvar 2015-05-04 10:01:04 UTC 
This seems to be a duplicate of bug #1197796 (CVE-2015-2059). libidn expects the string to be valid utf8. The question is what should happen if it's not.

*** This bug has been marked as a duplicate of bug 1197796 ***
Comment 2 Nikos Mavrogiannopoulos 2015-05-04 11:11:13 UTC 
(In reply to Miroslav Lichvar from comment #1)
> This seems to be a duplicate of bug #1197796 (CVE-2015-2059). libidn expects
> the string to be valid utf8. The question is what should happen if it's not.

I think it is obvious that it should not crash.
Comment 3 Miroslav Lichvar 2015-05-04 11:14:27 UTC 
Here is (old) upstream discussion:

http://thread.gmane.org/gmane.comp.gnu.libidn.general/555