Handle odd buffer lengths in checksum

Bug #1511108 reported by Linn Crosetto
This bug affects 1 person
Affects: sbsigntool (Ubuntu)
Status: Fix Released
Importance: Medium
Assigned to: Unassigned

Bug Description

Buffers of odd length can be passed to the checksum, for example signatures. This results in reading 1 byte beyond the buffer and can produce an incorrect checksum if the extra byte is non-zero.

Attaching a patch changing csum_bytes() to prevent overflowing the buffer, while taking the extra byte into account if the length is odd. Tested with a UEFI binary containing an odd-length signature, and also detach/attach on a binary signed with Microsoft signtool.

Tags: patch
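
The failure mode described in the report, as an added illustration (this is not the attached patch or sbsigntool's own code). It assumes a 16-bit little-endian word sum with carry folding; `csum_bytes_overread`, `csum_bytes_bounded`, `versions_agree` and `sample` are hypothetical names, and the sample keeps one slack byte after the 5-byte logical buffer so the over-read can be observed without leaving the array.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Add one 16-bit word to the running sum and fold the carry back in. */
static uint16_t csum_fold(uint16_t csum, uint16_t x)
{
	uint32_t sum = (uint32_t)csum + x;
	return (uint16_t)((sum >> 16) + (sum & 0xffff));
}

/* "Before": steps in whole words while i < len, so an odd len makes the
 * last iteration read buf[len], one byte past the logical end. */
static uint16_t csum_bytes_overread(uint16_t csum, const uint8_t *buf, size_t len)
{
	for (size_t i = 0; i < len; i += 2)
		csum = csum_fold(csum, (uint16_t)(buf[i] | (buf[i + 1] << 8)));
	return csum;
}

/* "After": consume only complete words, then add a trailing odd byte
 * as a word whose high byte is zero. */
static uint16_t csum_bytes_bounded(uint16_t csum, const uint8_t *buf, size_t len)
{
	size_t i;
	for (i = 0; i + 2 <= len; i += 2)
		csum = csum_fold(csum, (uint16_t)(buf[i] | (buf[i + 1] << 8)));
	if (i < len)
		csum = csum_fold(csum, buf[i]);
	return csum;
}

/* Constructed sample: 5 logical bytes followed by one slack byte, so the
 * over-read stays inside the array and its effect can be observed safely. */
static uint8_t sample[6] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x00 };

/* Returns 1 if both versions agree on sample[0..4] when sample[5] == slack. */
static int versions_agree(uint8_t slack)
{
	sample[5] = slack;
	return csum_bytes_overread(0, sample, 5) == csum_bytes_bounded(0, sample, 5);
}

int main(void)
{
	printf("slack=0x00 agree=%d\n", versions_agree(0x00));
	printf("slack=0xAA agree=%d\n", versions_agree(0xAA));
	return 0;
}
```

With a zero slack byte the two versions agree, which is why the defect can go unnoticed; any non-zero byte after the buffer changes the result of the over-reading version only.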
Linn Crosetto (linn-u) wrote :

Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "0001-Handle-odd-buffer-lengths-in-checksum.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch
Mathew Hodson (mhodson)
Changed in sbsigntool (Ubuntu):
importance: Undecided → Medium
Michael Terry (mterry) wrote :

Thanks for the patch! Uploaded to xenial.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sbsigntool - 0.6-0ubuntu9

---------------
sbsigntool (0.6-0ubuntu9) xenial; urgency=medium

  [ Linn Crosetto ]
  * debian/patches/0001-Handle-odd-buffer-lengths-in-checksum.patch:
    Fix checksum when handling buffers of odd length. LP: #1511108

 -- Michael Terry <email address hidden> Thu, 19 Nov 2015 16:32:19 -0500

Changed in sbsigntool (Ubuntu):
status: New → Fix Released