Bug 1215275 - possible crash in libidn
Summary: possible crash in libidn
Keywords:
Status: CLOSED DUPLICATE of bug 1197796
Alias: None
Product: Fedora
Classification: Fedora
Component: libidn
Version: 21
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Miroslav Lichvar
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-04-24 21:16 UTC by Nikos Mavrogiannopoulos
Modified: 2015-05-04 11:14 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-05-04 10:01:04 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
fix for memory access issue (1.18 KB, application/mbox)
2015-04-24 21:16 UTC, Nikos Mavrogiannopoulos 		no flags Details
View All

Description Nikos Mavrogiannopoulos 2015-04-24 21:16:49 UTC 
Created attachment 1018631 [details]
fix for memory access issue

I had an invalid memory access in gnutls, and I traced it back to libidn. That could result to a crash to programs using libidn to parse untrusted input. A fix is attached.

Reported upstream:
http://permalink.gmane.org/gmane.comp.gnu.libidn.general/573
Comment 1 Miroslav Lichvar 2015-05-04 10:01:04 UTC 
This seems to be a duplicate of bug #1197796 (CVE-2015-2059). libidn expects the string to be valid utf8. The question is what should happen if it's not.

*** This bug has been marked as a duplicate of bug 1197796 ***
Comment 2 Nikos Mavrogiannopoulos 2015-05-04 11:11:13 UTC 
(In reply to Miroslav Lichvar from comment #1)
> This seems to be a duplicate of bug #1197796 (CVE-2015-2059). libidn expects
> the string to be valid utf8. The question is what should happen if it's not.

I think it is obvious that it should not crash.
Comment 3 Miroslav Lichvar 2015-05-04 11:14:27 UTC 
Here is (old) upstream discussion:

http://thread.gmane.org/gmane.comp.gnu.libidn.general/555
Note You need to log in before you can comment on or make changes to this bug.