From 45e74cfccf895c0ee25c0e4b1478c5bad3d36c0e Mon Sep 17 00:00:00 2001
From: Klas Lindfors
Date: Thu, 16 Aug 2018 14:49:32 +0200
Subject: [PATCH] tool: check length before trying to store cert in buffer fixes #148
---
 tool/yubico-piv-tool.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/tool/yubico-piv-tool.c b/tool/yubico-piv-tool.c
index 4912adf..c23851b 100644
--- a/tool/yubico-piv-tool.c
+++ b/tool/yubico-piv-tool.c
@@ -561,6 +561,12 @@ static bool import_cert(ykpiv_state *state, enum enum_key_format cert_format,
 unsigned char certdata[YKPIV_OBJ_MAX_SIZE];
 unsigned char *certptr = certdata;
 ykpiv_rc res;
+
+ if(cert_len > YKPIV_OBJ_MAX_SIZE) {
+ fprintf(stderr, "Length of certificate is more than can fit.\n");
+ goto import_cert_out;
+ }
+
 if (compress) {
 if (fread(certdata, 1, (size_t)cert_len, input_file) != (size_t)cert_len) {
 fprintf(stderr, "Failed to read compressed certificate\n");
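Review bot: The added bound check rejects only values above `YKPIV_OBJ_MAX_SIZE`, so a negative `cert_len` would still reach the `fread` into the fixed-size `certdata`. The `(size_t)cert_len` casts on that call suggest `cert_len` is a signed type, although its declaration and the code that sets it are outside the hunk. If it can be negative (a failed length query or encoder call, for example), the cast turns it into a very large read count and the stack buffer is overrun. I would reject both ends in one guard, `if(cert_len < 0 || cert_len > YKPIV_OBJ_MAX_SIZE) {`, and print the offending length in the error message so a user can tell which limit was hit. The body of `import_cert` starts and continues outside this hunk, so it is worth confirming that the non-compressed path writes no more than `cert_len` bytes through `certptr`.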