I found this by running AFL against the privkey parser. In `openssh::Asn1::sequence` there are the lines

```rust
let bytes = self.read_len()?;
let res = Asn1::new(&self.data[self.offset..self.offset+bytes]);
```

`self.offset` is bounds-checked at the beginning of the function, but `bytes` is not, or at least not sufficiently. Here's a private key that triggers a panic:
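An added example, not the project's code and not part of the original report: one way to make a length-prefixed slice like the one quoted above return an error instead of panicking. The `Asn1` struct, its `take` helper, the `Error` type and the DER-style `read_len` are hypothetical stand-ins written for this illustration, and the sample bytes are constructed.

```rust
// Added illustration: `Asn1`, `take`, `read_len` and `Error` are hypothetical stand-ins.
#[derive(Debug, PartialEq)]
pub enum Error { Malformed }

pub struct Asn1<'a> { data: &'a [u8], offset: usize }

impl<'a> Asn1<'a> {
    pub fn new(data: &'a [u8]) -> Self { Asn1 { data, offset: 0 } }

    // Bounds-checked sub-slice of `n` bytes at the cursor; advances the cursor.
    fn take(&mut self, n: usize) -> Result<&'a [u8], Error> {
        // checked_add: `offset + n` must not wrap (or panic in debug builds).
        let end = self.offset.checked_add(n).ok_or(Error::Malformed)?;
        // get(): yields None instead of panicking when `end` is past the buffer.
        let out = self.data.get(self.offset..end).ok_or(Error::Malformed)?;
        self.offset = end;
        Ok(out)
    }

    // Assumed DER length: short form (< 0x80), or 0x80|k then k big-endian bytes.
    fn read_len(&mut self) -> Result<usize, Error> {
        let first = self.take(1)?[0];
        if first & 0x80 == 0 { return Ok(first as usize); }
        let k = (first & 0x7f) as usize;
        if k == 0 || k > std::mem::size_of::<usize>() { return Err(Error::Malformed); }
        Ok(self.take(k)?.iter().fold(0usize, |acc, b| (acc << 8) | *b as usize))
    }

    // SEQUENCE (tag 0x30): the declared length is untrusted input, so the
    // body is fetched through `take` rather than by direct slice indexing.
    pub fn sequence(&mut self) -> Result<Asn1<'a>, Error> {
        if self.take(1)?[0] != 0x30 { return Err(Error::Malformed); }
        let bytes = self.read_len()?;
        Ok(Asn1::new(self.take(bytes)?))
    }
}

fn main() {
    let truncated = [0x30u8, 0x7f, 0x02]; // constructed: claims 127 bytes, has 1
    println!("{:?}", Asn1::new(&truncated).sequence().err());
}
```

Routing every read through one checked helper means a fuzzer-found length can only produce `Err`, never an out-of-range slice panic.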