Possible overflow in asn1 ?

andreas moroder claudiamoroder at st-ulrich.suedtirol.net
Sat Apr 20 10:34:01 GMT 2002


in asn1.c  in the function asn1_write_OID  the result value is assigned to a
unsigned variable. The OID of KERBEROS5

asn_1.h:#define OID_KERBEROS5 "1 2 840 113554 1 2 2"

contains a value that is bigger than 16 bit.

If it is guaranteed that unsigned is always 32 bit, then all is ok, but I
don't know if this is always true. Looking at includes.h

#if !defined(uint32) && !defined(HAVE_UINT32_FROM_RPC_RPC_H)
#if (SIZEOF_INT == 4)
#define uint32 unsigned int
#elif (SIZEOF_LONG == 4)
#define uint32 unsigned long
#elif (SIZEOF_SHORT == 4)
#define uint32 unsigned short
/* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */
#define uint32 unsigned

it seems to me that this is not alway true.

In this case the variables v and v2 in asn1_write_OID should be declared as
unsigned long.


P.S. Can anyone tell me what assumptions can be made about the sizes of the
different int's

More information about the samba-technical mailing list