Possible overflow in asn1 ?
claudiamoroder at st-ulrich.suedtirol.net
Sat Apr 20 10:34:01 GMT 2002
in asn1.c in the function asn1_write_OID the result value is assigned to a
unsigned variable. The OID of KERBEROS5
asn_1.h:#define OID_KERBEROS5 "1 2 840 113554 1 2 2"
contains a value that is bigger than 16 bit.
If it is guaranteed that unsigned is always 32 bit, then all is ok, but I
don't know if this is always true. Looking at includes.h
#if !defined(uint32) && !defined(HAVE_UINT32_FROM_RPC_RPC_H)
#if (SIZEOF_INT == 4)
#define uint32 unsigned int
#elif (SIZEOF_LONG == 4)
#define uint32 unsigned long
#elif (SIZEOF_SHORT == 4)
#define uint32 unsigned short
/* uggh - no 32 bit type?? probably a CRAY. just hope this works ... */
#define uint32 unsigned
it seems to me that this is not alway true.
In this case the variables v and v2 in asn1_write_OID should be declared as
P.S. Can anyone tell me what assumptions can be made about the sizes of the
More information about the samba-technical