ENT-13591: Fixed buffer overflow in cf-secret when using multiple keys of different sizes (3.24.x)

Open larsewi opened this issue 1 month ago • 1 comments

$ openssl genrsa -out small.priv 2048
$ openssl rsa -in small.priv -RSAPublicKey_out -out small.pub
writing RSA key
$ openssl genrsa -out large.priv 4096
$ openssl rsa -in large.priv -RSAPublicKey_out -out large.pub
writing RSA key
$ echo "Secret Data" > secret.txt
$ cf-secret encrypt -k small.pub,large.pub -o secret.enc secret.txt
free(): invalid next size (normal)
Aborted (core dumped)

Ticket: ENT-13591
Changelog: Title
Signed-off-by: Lars Erik Wik [email protected]
(cherry picked from commit b8d1e09f538fc4ea41c4d3262380b8624bdf8e9d)

Backported from https://github.com/cfengine/core/pull/5992

larsewi, Dec 15 '25 10:12

Build Status

larsewi, Dec 18 '25 09:12