在百度上买的票火车票能用微信支付吗付的款,钱二十多天了钱没有到账找谁要

来源:蜘蛛抓取(WebSpider) 时间:2017-09-12 20:32 标签: 微信支付电子发票
关于Objective Systems ASN1C堆缓冲区溢出漏洞的安全公告
&&&&&&&& 近日,国家信息安全漏洞共享平台(CNVD)收录了Objective Systems ASN1C堆缓冲区溢出漏洞(CNVD-,对应CVE-)。未经身份验证的攻击者利用漏洞,通过构造ASN.1数据,可执行任意代码或造成拒绝服务攻击。根据目前评估的潜在影响范围,有可能对通信网络(特别是移动通信)等关键基础设施构成较大的威胁。
&&&&&&& 一、漏洞情况分析
&&&&&&&&ASN.1(抽象语法标记)是一个国际标准,是电信领域使用的数据结构和传输协议。ASN1C代码编译器由美国Objective Systems公司推出,帮助开发者将ASN.1数据结构,操作和指令转换为C,C ++,C#或Java代码;ASN1C可嵌入到部署了GSM和LTE网络的移动设备的应用程序中。
&&&&&&& 包含预编译asn1rt_a.lib库的rtxMemHeapAlloc函数存在两个整数溢出漏洞。由于在rtxMemHeapAlloc中的内存堆(pMemHeap)需要调用tortxMemHeapCreate和rtxMemHeapCheck,nbytes,参数(arg_4)是人为可控的,它的值通过ebp+arg_4传递给ecx ,但程序在执行add ecx 7的时候未验证ecx的值,当ecx值高于0xFFFFFFF9会造成整型溢出。攻击者利用漏洞通过构造的ASN.1数据,可执行任意代码或造成拒绝服务。
&&&&&&& CNVD对该漏洞的综合评级为&高危&。
&&&&&&& 二、漏洞影响范围
&&&&&&& 漏洞影响ASN1C<=7.0.0的版本。
&&&&&&& ASN1C到C和C ++的编译器受该漏洞影响,Objective Systems仍在调查ASN.1到C#和ASN.1到Java的编译器是否受漏洞影响。
&&&&&&& 目前,根据国外应急组织(US-CERT)和官方厂商的努力,已经尝试联系了34家移动运营商和设备供应商,告知上述问题。目前,只有高通已经确认受到漏洞影响,而霍尼韦尔公司和惠普公司都表示它们没有受到漏洞影响。
&&&&&&& 三、漏洞修复建议
&&&&&&& 厂商发布了ASN1C 7.0.1.x版本作为临时修复方案,并计划在未来几周内推出7.0.2版本,完全修复该漏洞。请关注厂商主页更新:
&&&&&&& 附:参考链接:您的位置: &
ASN.1到C/C++编译器实现的研究
优质期刊推荐Objective s ASN1C堆缓冲区溢出漏洞(CVE-)
发布日期:更新日期:受影响系统:
Objective Systems ASN1C for C/C++ & 7.0.2Objective Systems ASN1C for C/C++
CVE(CAN) ID: ASN.1是一套标准,是描述数据的表示、编码、传输、解码记法。ASN1C可按ASN.1语法生成高级语言代码。ASN1C for C/C++ & 7.0.2版本,asn1rt_a.lib/rtxMemHeapAlloc函数存在整数溢出漏洞。上下文独立的攻击者通过构造的ASN.1数据,可执行任意代码或造成拒绝服务。&*来源:vendor& *&建议:
厂商补丁:Objective Systems-----------------目前厂商已经发布了以修复这个问题,请到厂商的主页下载:参考:
本文永久更新链接地址:帐号:密码:下次自动登录{url:/nForum/slist.json?uid=guest&root=list-section}{url:/nForum/nlist.json?uid=guest&root=list-section}
贴数:5&分页:telbook发信人: telbook (telbook), 信区: NetPRG
标&&题: 请教是否有工具能直接从asn.1文件生成c源代码?
发信站: 水木社区 (Sun May 24 11:34:04 2009), 转信 && asn.1用于定义通讯报文的内容与格式, && 我觉得一套完整的用asn.1编写的文件仅仅用于完整、清晰地描述通讯内容, && 弥补文字描述的不足, && 但asn.1文件是给人阅读的, && 若要编写真正用于装置通信的程序,应该是理解这些asn.1文件, && 然后按照文件的定义,由人工一条条地写c代码(假设用c)。 &&&&&& 请问,是否有工具能从这些asn.1直接生成c或者别的语言的源程序,进而编译为可执行文件? && -- && ※ 来源:·水木社区 newsmth.net·[FROM: 119.103.5.*]
我的月份又来了发信人: JulyClyde (继续失业), 信区: NetPRG
标&&题: Re: 请教是否有工具能直接从asn.1文件生成c源代码?
发信站: 水木社区 (Sun May 24 18:02:53 2009), 转信 && 你想生成完成什么功能的C代码?
【 在 telbook (telbook) 的大作中提到: 】
: asn.1用于定义通讯报文的内容与格式,
: 我觉得一套完整的用asn.1编写的文件仅仅用于完整、清晰地描述通讯内容,
: 弥补文字描述的不足,
: ...................
&& -- && 个人博客更换域名
&&&& ※ 来源:·水木社区 newsmth.net·[FROM: 61.149.190.*]
telbook发信人: telbook (telbook), 信区: NetPRG
标&&题: Re: 请教是否有工具能直接从asn.1文件生成c源代码?
发信站: 水木社区 (Mon May 25 07:23:27 2009), 转信 && 我想首先用asn定义通信的各种报文,然后用软件生成相应的代码。 && 比如,下面这段asn是从标准上拷贝下来的,其中还有某些数据类型还要进一步引用其他语句。这段asn文件仅仅包含了整个装置通讯的一部分,其他内容与此差不多。 && IEC61850 DEFINITIONS ::= BEGIN
IMPORTS Data FROM ISO-IEC-9506-2
Specific Protocol ::= CHOICE { &&&&&&&& gseMngtPdu&&&&&&[APPLICATION 0] IMPLICIT GSEMngtPdu, &&&&&&&& goosePdu&&&&&&&&[APPLICATION 1] IMPLICIT IECGoosePdu,
… } && GSEMngtPdu ::= SEQUENCE { &&&&&&&& StateID&&&&&&&& [0] IMPLICIT INTEGER, &&&&&&&& Security&&&&&&&&[3] ANY OPTIONAL, -- reserved for future definition &&&&&&&& CHOICE { &&&&&&&&&&&&&&&& requests&&[1] IMPLICIT GSEMngtRequests, &&&&&&&&&&&&&&&& responses [2] IMPLICIT GSEMngtResponses &&&&&&&& }
} && GSEMngtRequests ::= CHOICE { &&&&&&&& getGoReference&&&&&&&&&&[1] IMPLICIT GetReferenceRequestPdu &&&&&&&& getGOOSEElementNumber&& [2] IMPLICIT GetElementRequestPdu, &&&&&&&& getGsReference&&&&&&&&&&[3] IMPLICIT GetReferenceRequestPdu, &&&&&&&& getGSSEDataOffset&&&&&& [4] IMPLICIT GetElementRequestPdu, &&&&&&&& …
} && GSEMngtResponses ::= CHOICE { &&&&&&&& gseMngtNotSupported [0] IMPLICIT NULL, &&&&&&&& getGoReference&&&&&&&&&&[1] IMPLICIT GSEMngtResponsePdu, &&&&&&&& getGOOSEElementNumber&& [2] IMPLICIT GSEMngtResponsePdu, &&&&&&&& getGsReference&&&&&&&&&&[3] IMPLICIT GSEMngtResponsePdu, &&&&&&&& getGSSEDataOffset&&&&&& [4] IMPLICIT GSEMngtResponsePdu, &&&&&&&& …
} && GetReferenceRequestPdu ::= SEQUENCE { &&&&&&&& ident&&[0] IMPLICIT VISIBLE-STRING,&&&&&&&&&&&& offset [1] IMPLICIT SEQUENCE OF INTEGER, &&&&&&&& …
} && GetElementRequestPdu ::= SEQUENCE { &&&&&&&& ident&&&&&&&&&& [0] IMPLICIT VISIBLE-STRING, &&&&&&&& references&&[1] IMPLICIT SEQUENCE OF VISIBLE-STRING, &&&&&&&& …
} && GSEMngtResponsePdu ::= SEQUENCE { &&&&&&&& ident&& [0] IMPLICIT VISIBLE-STRING, &&&&&&&& confRev [1] IMPLICIT INTEGER OPTIONAL, &&&&&&&& CHOICE { &&&&&&&&&&&&&&&& responsePositive [2] IMPLICIT SEQUENCE { &&&&&&&&&&&&&&&&&&&&&&&& datSet [0] IMPLICIT VISIBLE_STRING OPTIONAL, &&&&&&&&&&&&&&&&&&&&&&&& result [1] IMPLICIT SEQUENCE OF RequestResults &&&&&&&&&&&&&&&& }, &&&&&&&&&&&&&&&& responseNegative [3] IMPLICIT GlbErrors &&&&&&&& }, &&&&&&&& …
} && RequestResults::= CHOICE { &&&&&&&& offset&&&&&&&&&&[0] IMPLICIT INTEGER, &&&&&&&& reference&&&&&& [1] IMPLICIT IA5STRING, &&&&&&&& error&&&&&&&&&& [2] IMPLICIT ErrorReason
} && GlbErrors ::= INTEGER { &&&&&&&& other(0), &&&&&&&& unknownControlBlock(1), &&&&&&&& responseTooLarge(2), &&&&&&&& controlBlockConfigurationError (3), &&&&&&&& …
} && ErrorReason ::= INTEGER { &&&&&&&& other (0), &&&&&&&& notFound (1), &&&&&&&& …
} && IECGoosePdu ::= SEQUENCE { &&&&&&&& gocbRef&&&&&&&& [0] IMPLICIT VISIBLE-STRING, &&&&&&&& timeAllowedtoLive [1] IMPLICIT INTEGER, &&&&&&&& datSet&&&&&&&&&&[2] IMPLICIT VISIBLE-STRING, &&&&&&&& goID&&&&&&&&&&&&[3] IMPLICIT VISIBLE-STRING OPTIONAL, &&&&&&&& t&&&&&&&&&&&&&& [4] IMPLICIT UtcTime, &&&&&&&& stNum&&&&&&&&&& [5] IMPLICIT INTEGER, &&&&&&&& sqNum&&&&&&&&&& [6] IMPLICIT INTEGER, &&&&&&&& test&&&&&&&&&&&&[7] IMPLICIT BOOLEAN DEFAULT FALSE, &&&&&&&& confRev&&&&&&&& [8] IMPLICIT INTEGER, &&&&&&&& ndsCom&&&&&&&&&&[9] IMPLICIT BOOLEAN DEFAULT FALSE, &&&&&&&& numDatSetEntries [10] IMPLICIT INTEGER, &&&&&&&& allData&&&&&&&& [11] IMPLICIT SEQUENCE OF Data, &&&&&&&& security&&&&&&&&[12] ANY OPTIONAL,
} && UtcTime ::= OCTETSTRING – format and size defined in 8.1.3.6. && END &&&&&& 【 在 JulyClyde (继续失业) 的大作中提到: 】
你想生成完成什么功能的C代码?
【 在 telbook (telbook) 的大作中提到: 】
: asn.1用于定义通讯报文的内容与格式,
: 我觉得一套完整的用asn.1编写的文件仅仅用于完整、清晰地描述通讯内容,
: 弥补文字描述的不足,
: ...................
&& -- && 个人博客更换域名
&&&&&&&& -- && ※ 来源:·水木社区 newsmth.net·[FROM: 119.103.79.*]
我的月份又来了发信人: JulyClyde (继续失业), 信区: NetPRG
标&&题: Re: 请教是否有工具能直接从asn.1文件生成c源代码?
发信站: 水木社区 (Mon May 25 09:15:35 2009), 转信 && 1 烟酒僧同学请不要给我发站内信
2 你还是没定义到底什么是“相应的”代码。代码是要实现一定功能的。你想实现什么?
【 在 telbook (telbook) 的大作中提到: 】
: 我想首先用asn定义通信的各种报文,然后用软件生成相应的代码。
: 比如,下面这段asn是从标准上拷贝下来的,其中还有某些数据类型还要进一步引用其他语句。这段asn文件仅仅包含了整个装置通讯的一部分,其他内容与此差不多。
: IEC61850 DEFINITIONS ::= BEGIN
: ...................
&& -- && 个人博客更换域名
&&&& ※ 来源:·水木社区 newsmth.net·[FROM: 61.149.190.*]
shh发信人: shh (shh), 信区: NetPRG
标&&题: Re: 请教是否有工具能直接从asn.1文件生成c源代码?
发信站: 水木社区 (Sat May 30 18:04:15 2009), 站内 && encode/decode?
&& 【 在 telbook (telbook) 的大作中提到: 】
: asn.1用于定义通讯报文的内容与格式,
: 我觉得一套完整的用asn.1编写的文件仅仅用于完整、清晰地描述通讯内容,
: 弥补文字描述的不足,
: ...................
&& -- && ※ 来源:·水木社区 newsmth.net·[FROM: 221.3.24.*]
文章数:5&分页:ffasn1c ASN.1 Compiler
ffasn1c ASN.1 Compiler
Table of Contents
1 Introduction
ffasn1c compiles ASN.1 source and generate C code to manipulate,
encode and decode the corresponding ASN.1 messages.
The generated C code is made of a header defining the ASN.1 types and a
source defining an internal binary representation of the ASN.1 types.
The library libffasn1 (source code in libffasn1/) contains the
functions to allocate, encode, decode and free ASN.1 messages.
2 Installation
The compiler ffasn1c does not need a specific installation. The
ffasn1c executable does not need any other file so you can copy it
anywhere (for example in /usr/local/bin on a Linux system).
3 Quick Start
In the examples directory you can build the asn1convert
For Linux, type make to build the example.
For Windows using MinGW, type make CONFIG_WIN32=y to build the example.
For Windows using MSVC, type nmake -f Makefile.msvc to build the example.
ffasn1c is invoked to generate
simpletest.h and simpletest.c from the ASN.1 source
simpletest.asn.
asn1convert is a simple tool to convert messages of type
ObjectList from any ASN.1 encoding to any encoding. You can try:
./asn1convert ber gser simpletest.der a.gser
a.gser contains the GSER (i.e. text) representation of the DER
encoded message stored in simpletest.der.
4 Invocation
ffasn1c [options] inputfile...
There can be several input files. Each input file defines one or more
ASN.1 modules.
-hshow the help
-o outfileset the output filename (extension replaced by .c or .h)
-fforce-int32
force 32 bit integers for INTEGER type. By default the compiler stores
the integers on the C int or uint32_t type only if the
PER-visible contraints tells that it can fit. Otherwise, large
integers are used (ASN1Integer C type).
-fno-type-namesdo not generate type name information. It saves space if XER encoding
is not needed. Type name information is only necessary for XER
encoding or for debugging.
-fallow-dup-int-identAllow duplicate integer value identifiers (not standard, useful to
compile some invalid ASN.1 sources)
-fprefix=nameAdd the prefix name to all public C identifiers.
-fdefine-int-valuesExport as C defines all ASN.1 integer values (useful for example for
LTE S1AP/X2AP identifiers).
-fshort-enumsThe ffasn1c runtime requires that the enum type in the
generated headers has a size of 32 bits. It is the case with most
toolchains. If it is not the case (for example if the GCC option
-fshort-enums is used), then this option should be used. It
forces ffasn1c to generate an additional dummy definition in each
enum to force its size to 32 bits.
Debug options: these options are useful if you want to know if the
compiler really understood what you meant.
-fdump-parse-treedump the modules just after they are parsed.
-fdump-expanded-treedump the modules after the parametrized types and values are expanded.
-Edump the modules after the values are evaluated.
-fdump-persame as -E but with the PER-visible constraints as comments.
5 Compliance
The compiler implements the following standards:
X.680 2008 (Specification of basic notation)
X.681 2008 (Information object specification)
X.682 2008 (Constraint specification)
X.683 2008 (Parameterization of ASN.1 specifications)
The ANY type is supported to be able to compile older ASN.1
sources (X.208 specification).
The runtime library implements the following standards:
X.690 2008 (Specification of BER, CER and DER)
X.691 2008 (Specification of Packed Encoding Rules (PER))
X.693 2008 (Specification of XML Encoding Rules (XER))
X.696 2014 (Specification of Octet Encoding Rules (OER))
(Generic String Encoding Rules for ASN.1 Types)
Known limitations and rationale:
Only PER-visible constraints are checked at runtime. But all
constraints are correctly evaluated. Table constraints are only
evaluated to decode open types.
In the PER encoding, the encoding SET OF is not
canonical. [SET OF is almost never used in PER notation and
making it canonical has a large runtime cost].
SEQUENCE or SET components with complex default values
are converted to OPTIONAL components in the generated C
code. [The runtime cost of handling these cases would be high while
being almost never used in practise.]
The EMBEDDED PDV, EXTERNAL and CHARACTER STRING
types are supported but are always encoded as the SEQUENCE
value indicated in X.680.
The content of object of type GeneralString,
GraphicString, TeletexString, GeneralizedTime,
UTCTime and ObjectDescriptor are handled as OCTET
STRING. No consistency check are done. However we fully support the
restricted multiplier strings (NumericString,
PrintableString, VisibleString, IA5String,
BMPString and UniversalString) and UTF8String.
The REAL type is stored as the double C type. [In our
current use case, arbitrary precision floating point values were not
6 Useful types
A few useful types are predefined by the compiler in a built-in
UsefulDefinitions module. The types are:
TYPE-IDENTIFIER (X 681 Annex A)
ABSTRACT-SYNTAX (X 681 Annex B)
InstanceOfType (used to implement the INSTANCE OF type of X 681 Annex C)
EXTERNAL-Internal (used to implement the EXTERNAL type)
EMBEDDED-PDV-Internal (used to implement the EMBEDDED PDV type)
CHARACTER-STRING-Internal (used to implement the CHARACTER STRING type)
7 Runtime C/C++ API
7.1 Memory allocation
The user must provide the 3 following functions so that the library can
allocate, reallocate and free memory:
void *asn1_malloc(int size);
void *asn1_realloc(void *ptr, int size);
void asn1_free(void *ptr);
Note: asn1_malloc() must return a non NULL pointer when size = 0.
7.2 Managing ASN.1 types and values
The ASN.1 types are compiled into an opaque C type: ASN1CType
*. All the API uses this type to manipulate ASN.1 types.
The ASN.1 values of the corresponding types are represented in memory
using the structures, unions and other types defined in the C header
generated by the compiler. A flat representation is used for
SEQUENCE/SET and CHOICE to minimize the cost of memory
allocations. Pointer indirections are used for SEQUENCE/SET OF
and for recursive types.
The following functions are defined to manage ASN.1 types and
int asn1_get_size(const ASN1CType *p);Return the size (in bytes) of an ASN1 type.
void *asn1_mallocz_value(const ASN1CType *p);Allocate a value of the ASN1 type p. All fields are set to zero.
void asn1_free_value(const ASN1CType *p, void *data);Free the value data of the ASN1 type p.
int asn1_cmp_value(const ASN1CType *p, const void *data1, const void *data2);Compare the two ASN1 values data1 and data2 of type
p. Return & 0 for less than, == 0 for equal, or & 0 for larger
than. For composite values, a lexicographical ordering is assumed.
int asn1_copy_value(const ASN1CType *p, void *data1, const void *data2);Copy data2 to data1 assuming data1 is allocated. All
referenced data inside data1 is allocated. Return 0 if OK, & 0
void *asn1_clone_value(const ASN1CType *p, const void *data);
Clone the value data of type p (equivalent to
asn1_mallocz_value() followed by
asn1_copy_value()). Return NULL if error.
void *asn1_random(const ASN1CType *p, int seed);Generate a random ASN1 value of type p (useful for
testing). seed is used to initialize the random generator.
7.3 Encoding of ASN.1 values
int asn1_uper_encode(uint8_t **pbuf, const ASN1CType *p, const void *data);Encode the value data of ASN.1 type p using unaligned
PER encoding. Return the allocated value bytes at *pbuf and
its length in bytes. The value can be freed with asn1_free().
int asn1_aper_encode(uint8_t **pbuf, const ASN1CType *p, const void *data);Same for aligned PER encoding.
int asn1_der_encode(uint8_t **pbuf, const ASN1CType *p, const void *data);Same for DER encoding.
int asn1_ber_encode(uint8_t **pbuf, const ASN1CType *p, const void *data, const ASN1BERParams *params);Same for generic BER encoding with options specified in
params. This function is normally only used to generate specific
BER constructs to test BER decoders.
int asn1_gser_encode(uint8_t **pbuf, const ASN1CType *p, const void *data);Same for GSER encoding.
int asn1_gser_encode2(uint8_t **pbuf, const ASN1CType *p, const void *data, const ASN1GSERParams *params);Same for GSER encoding with formatting parameters.
int asn1_xer_encode(uint8_t **pbuf, const ASN1CType *p, const void *data);Same for XER encoding.
int asn1_xer_encode2(uint8_t **pbuf, const ASN1CType *p, const void *data, const ASN1XERParams *params);Same for XER encoding with formatting parameters.
int asn1_oer_encode(uint8_t **pbuf, const ASN1CType *p, const void *data);Same for OER encoding.
7.4 Decoding of ASN.1 values
int asn1_uper_decode(void **pdata, const ASN1CType *p, const uint8_t *buf, int buf_len, ASN1Error *err);Decode the value of buf_len bytes contained in buf using
the unaligned PER encoding. Return the number of consumed bytes or & 0
if error. *pdata contains the decoded value or NULL if
there was an error. The decoded value can be freed with
asn1_free_value(). In case of error, more information about the
error is returned in err.
int asn1_aper_decode(void **pdata, const ASN1CType *p, const uint8_t *buf, int buf_len, ASN1Error *err);Same for aligned PER decoding.
int asn1_ber_decode(void **pdata, const ASN1CType *p, const uint8_t *buf, int buf_len, ASN1Error *err);Same for BER decoding.
int asn1_gser_decode(void **pdata, const ASN1CType *p, const uint8_t *buf, int buf_len, ASN1Error *err);Same for GSER decoding.
int asn1_xer_decode(void **pdata, const ASN1CType *p, const uint8_t *buf, int buf_len, ASN1Error *err);Same for XER decoding.
int asn1_oer_decode(void **pdata, const ASN1CType *p, const uint8_t *buf, int buf_len, ASN1Error *err);Same for OER decoding.
7.5 Constraint check
BOOL asn1_check_constraints(const ASN1CType *p, const void *data, char *msg_buf, int msg_buf_size);
Return TRUE if the constraints are satisfied. Otherwise return FALSE
and put an informative message string in msg_buf of maximum size
msg_buf_size.
ffasn1c and its runtime library is copyright
ffasn1c and its associated runtime library is available without any
express or implied warranty. In no event will the author be held
liable for any damages arising from the use of this software.

我要回帖

更多关于 微信支付电子发票 的文章

 

随机推荐