Possible overflow in asn1 ?
andreas moroder
claudiamoroder at st-ulrich.suedtirol.net
Sat Apr 20 10:34:01 GMT 2002
Hello,
in asn1.c in the function asn1_write_OID the result value is assigned to a
unsigned variable. The OID of KERBEROS5
asn_1.h:#define OID_KERBEROS5 "1 2 840 113554 1 2 2"
contains a value that is bigger than 16 bit.
If it is guaranteed that unsigned is always 32 bit, then all is ok, but I
don't know if this is always true. Looking at includes.h
#if !defined(uint32) && !defined(HAVE_UINT32_FROM_RPC_RPC_H)
#if (SIZEOF_INT == 4)
#define uint32 unsigned int
#elif (SIZEOF_LONG == 4)
#define uint32 unsigned long
#elif (SIZEOF_SHORT == 4)
#define uint32 unsigned short
#else
/* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */
#define uint32 unsigned
#endif
#endif
it seems to me that this is not alway true.
In this case the variables v and v2 in asn1_write_OID should be declared as
unsigned long.
Bye
Andreas
P.S. Can anyone tell me what assumptions can be made about the sizes of the
different int's
More information about the samba-technical
mailing list