Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015)

Posted by Hanno Böck on Apr 30


While fuzzing GnuTLS I discovered a malformed certificate input sample
that would cause a heap overflow read of 99 bytes in the DER decoding
functions of Libtasn1. The heap overflow happens in the function

This issue was reported to the Libtasn1 developer on 16th April. A fix
was committed on 20th April and is part of the…

Leave a Reply