Maniphest T8111

Assertion failure in Libksba's ocsp.c
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• werner
	Feb 18 2026, 8:39 AM

Tags

Subscribers

Description

Reported-by: Jonathan Bar Or

The issue is a heap OOB read when parsing OCSP, and can only be
triggered via NDEBUG (i.e. "release") builds.
Generally speaking, there are many cases when assert() calls continue,
and in NDEBUG, assert() calls are not compiled, and simply
fallen-through.

Although the use of NDEBUG is never a good idea, the assert should not be triggred.

Revisions and Commits

rK libksba
	rK49a33f98ae4e Do not let the assert do the work of the previous test.

Related Objects

Mentioned In: T7174: Release libksba 1.6.8

Event Timeline

• werner triaged this task as Normal priority.Feb 18 2026, 8:39 AM

• werner created this task.

• werner created this object with edit policy "Contributor (Project)".

• werner added a commit: rK49a33f98ae4e: Do not let the assert do the work of the previous test..Feb 18 2026, 8:47 AM

• werner changed the task status from Open to Testing.Feb 18 2026, 9:39 AM

• werner mentioned this in T7174: Release libksba 1.6.8.Feb 23 2026, 2:33 PM

• werner closed this task as Resolved.Feb 23 2026, 2:50 PM

• werner claimed this task.