Handle odd buffer lengths in checksum

Bug #1511108 reported by Linn Crosetto on 2015-10-28
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sbsigntool (Ubuntu)

Bug Description

Buffers of odd length can be passed to the checksum, for example signatures. This results in reading 1 byte beyond the buffer and can produce an incorrect checksum if the extra byte is non-zero.

Attaching a patch changing csum_bytes() to prevent overflowing the buffer, while taking the extra byte into account if the length is odd. Tested with a UEFI binary containing an odd-length signature, and also detach/attach on a binary signed with Microsoft signtool.
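The failure mode described above, as an added example that is not part of this report, the attached patch, or sbsigntool's source: a constructed 16-bit folding checksum in a "before" form that rounds an odd length up to a whole word, beside a bounded form that adds the last byte on its own. The function names, the little-endian word order and the sample bytes are assumptions made for illustration; the sample arrays carry one spare byte so the over-read stays inside the array for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Add one 16-bit word and fold the carry back into the low 16 bits. */
static uint16_t fold_add(uint16_t sum, uint16_t word)
{
    uint32_t t = (uint32_t)sum + word;
    return (uint16_t)((t >> 16) + (t & 0xffff));
}

/* "Before" (hypothetical): walks whole words, so an odd len reads buf[len]. */
static uint16_t csum_overread(uint16_t sum, const uint8_t *buf, size_t len)
{
    for (size_t i = 0; i < len; i += 2)
        sum = fold_add(sum, (uint16_t)(buf[i] | (buf[i + 1] << 8)));
    return sum;
}

/* "After" (hypothetical): whole words only, then the odd byte zero-extended. */
static uint16_t csum_bounded(uint16_t sum, const uint8_t *buf, size_t len)
{
    size_t i;
    for (i = 0; i + 2 <= len; i += 2)
        sum = fold_add(sum, (uint16_t)(buf[i] | (buf[i + 1] << 8)));
    if (i < len)                      /* one byte left: never touch buf[len] */
        sum = fold_add(sum, buf[i]);
    return sum;
}

/* Constructed samples: 5 logical bytes plus 1 byte standing in for whatever
 * happens to follow the buffer in memory (zero in one case, 0xff in the other). */
static const uint8_t sample_clean[6] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x00 };
static const uint8_t sample_dirty[6] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0xff };

int main(void)
{
    printf("overread: clean=%04x dirty=%04x\n",
           (unsigned)csum_overread(0, sample_clean, 5),
           (unsigned)csum_overread(0, sample_dirty, 5));
    printf("bounded:  clean=%04x dirty=%04x\n",
           (unsigned)csum_bounded(0, sample_clean, 5),
           (unsigned)csum_bounded(0, sample_dirty, 5));
    return 0;
}
```

With a zero byte after the buffer both forms agree, which is why this kind of defect can go unnoticed until the adjacent byte happens to be non-zero.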

The attachment "0001-Handle-odd-buffer-lengths-in-checksum.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Changed in sbsigntool (Ubuntu):
importance: Undecided → Medium
Michael Terry (mterry) wrote :

Thanks for the patch! Uploaded to xenial.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sbsigntool - 0.6-0ubuntu9

sbsigntool (0.6-0ubuntu9) xenial; urgency=medium

  [ Linn Crosetto ]
  * debian/patches/0001-Handle-odd-buffer-lengths-in-checksum.patch:
    Fix checksum when handling buffers of odd length. LP: #1511108

 -- Michael Terry <email address hidden> Thu, 19 Nov 2015 16:32:19 -0500

Changed in sbsigntool (Ubuntu):
status: New → Fix Released