resolve conflicts

author: djm <> 2009-04-06 06:33:20 +0000
committer: djm <> 2009-04-06 06:33:20 +0000
commit: 02266ad76553362863ec35a28c86ea7a4f5acdf9 (patch)
tree: 647f179fa8dcccf50c436cc0165a1d67476a936e /src/lib/libcrypto/asn1
parent: d9de323e6e6b00c0f5eda2fd1399c8c51cdb19c4 (diff)
download: openbsd-02266ad76553362863ec35a28c86ea7a4f5acdf9.tar.gz
openbsd-02266ad76553362863ec35a28c86ea7a4f5acdf9.tar.bz2
openbsd-02266ad76553362863ec35a28c86ea7a4f5acdf9.zip
5 files changed, 40 insertions, 13 deletions
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
index 424cd348bb..e3385226d4 100644
--- a/src/lib/libcrypto/asn1/asn1.h
+++ b/src/lib/libcrypto/asn1/asn1.h
@@ -612,6 +612,7 @@ typedef struct BIT_STRING_BITNAME_st {
                        B_ASN1_GENERALIZEDTIME
 #define B_ASN1_PRINTABLE \
+                        B_ASN1_NUMERICSTRING| \
                        B_ASN1_PRINTABLESTRING| \
                        B_ASN1_T61STRING| \
                        B_ASN1_IA5STRING| \
@@ -1217,6 +1218,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_BAD_OBJECT_HEADER                         102
 #define ASN1_R_BAD_PASSWORD_READ                         103
 #define ASN1_R_BAD_TAG                                   104
+#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                 210
 #define ASN1_R_BN_LIB                                    105
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                   106
 #define ASN1_R_BUFFER_TOO_SMALL                          107
@@ -1306,6 +1308,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                  157
 #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY          158
 #define ASN1_R_UNEXPECTED_EOC                            159
+#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH           211
 #define ASN1_R_UNKNOWN_FORMAT                            160
 #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM          161
 #define ASN1_R_UNKNOWN_OBJECT_TYPE                       162
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
index f8a3e2e6cd..5f5de98eed 100644
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ b/src/lib/libcrypto/asn1/asn1_err.c
@@ -195,6 +195,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER)    ,"bad object header"},
 {ERR_REASON(ASN1_R_BAD_PASSWORD_READ)    ,"bad password read"},
 {ERR_REASON(ASN1_R_BAD_TAG)              ,"bad tag"},
+{ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),"bmpstring is wrong length"},
 {ERR_REASON(ASN1_R_BN_LIB)               ,"bn lib"},
 {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
 {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL)     ,"buffer too small"},
@@ -284,6 +285,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
 {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to decode rsa private key"},
 {ERR_REASON(ASN1_R_UNEXPECTED_EOC)       ,"unexpected eoc"},
+{ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),"universalstring is wrong length"},
 {ERR_REASON(ASN1_R_UNKNOWN_FORMAT)       ,"unknown format"},
 {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"},
 {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE)  ,"unknown object type"},
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
index 501b62a4b1..8657f73d66 100644
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ b/src/lib/libcrypto/asn1/asn1_par.c
@@ -213,6 +213,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
                                (tag == V_ASN1_T61STRING) ||
                                (tag == V_ASN1_IA5STRING) ||
                                (tag == V_ASN1_VISIBLESTRING) ||
+                                (tag == V_ASN1_NUMERICSTRING) ||
+                                (tag == V_ASN1_UTF8STRING) ||
                                (tag == V_ASN1_UTCTIME) ||
                                (tag == V_ASN1_GENERALIZEDTIME))
                                {
diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c
index bc80b20d63..d8d9e76cc0 100644
--- a/src/lib/libcrypto/asn1/asn_mime.c
+++ b/src/lib/libcrypto/asn1/asn_mime.c
@@ -152,7 +152,6 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
 static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
        {
-        const EVP_MD *md;
        int i, have_unknown = 0, write_comma, md_nid;
        have_unknown = 0;
        write_comma = 0;
@@ -162,7 +161,6 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
                        BIO_write(out, ",", 1);
                write_comma = 1;
                md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
-                md = EVP_get_digestbynid(md_nid);
                switch(md_nid)
                        {
                        case NID_sha1:
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
index ced641698e..48bc1c0d4d 100644
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ b/src/lib/libcrypto/asn1/tasn_dec.c
@@ -69,7 +69,7 @@ static int asn1_check_eoc(const unsigned char **in, long len);
 static int asn1_find_end(const unsigned char **in, long len, char inf);
 static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
-                                char inf, int tag, int aclass);
+                        char inf, int tag, int aclass, int depth);
 static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
@@ -611,7 +611,6 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
        err:
        ASN1_template_free(val, tt);
-        *val = NULL;
        return 0;
        }
@@ -758,7 +757,6 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
        err:
        ASN1_template_free(val, tt);
-        *val = NULL;
        return 0;
        }
@@ -878,7 +876,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
                 * internally irrespective of the type. So instead just check
                 * for UNIVERSAL class and ignore the tag.
                 */
-                if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL))
+                if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0))
                        {
                        free_cont = 1;
                        goto err;
@@ -1012,6 +1010,18 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                case V_ASN1_SET:
                case V_ASN1_SEQUENCE:
                default:
+                if (utype == V_ASN1_BMPSTRING && (len & 1))
+                        {
+                        ASN1err(ASN1_F_ASN1_EX_C2I,
+                                        ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
+                        goto err;
+                        }
+                if (utype == V_ASN1_UNIVERSALSTRING && (len & 3))
+                        {
+                        ASN1err(ASN1_F_ASN1_EX_C2I,
+                                        ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
+                        goto err;
+                        }
                /* All based on ASN1_STRING and handled the same */
                if (!*pval)
                        {
@@ -1128,8 +1138,18 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
 * if it is indefinite length.
 */
+#ifndef ASN1_MAX_STRING_NEST
+/* This determines how many levels of recursion are permitted in ASN1
+ * string types. If it is not limited stack overflows can occur. If set
+ * to zero no recursion is allowed at all. Although zero should be adequate
+ * examples exist that require a value of 1. So 5 should be more than enough.
+ */
+#define ASN1_MAX_STRING_NEST 5
+#endif
 static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
-                                char inf, int tag, int aclass)
+                        char inf, int tag, int aclass, int depth)
        {
        const unsigned char *p, *q;
        long plen;
@@ -1171,13 +1191,15 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
                /* If indefinite length constructed update max length */
                if (cst)
                        {
-#ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS
+                        if (depth >= ASN1_MAX_STRING_NEST)
-                        if (!asn1_collect(buf, &p, plen, ininf, tag, aclass))
+                                {
+                                ASN1err(ASN1_F_ASN1_COLLECT,
+                                        ASN1_R_NESTED_ASN1_STRING);
+                                return 0;
+                                }
+                        if (!asn1_collect(buf, &p, plen, ininf, tag, aclass,
+                                                depth + 1))
                                return 0;
-#else
-                        ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
-                        return 0;
-#endif
                        }
                else if (plen && !collect_data(buf, &p, plen))
                        return 0;
author	djm <>	2009-04-06 06:33:20 +0000
committer	djm <>	2009-04-06 06:33:20 +0000
commit	02266ad76553362863ec35a28c86ea7a4f5acdf9 (patch)
tree	647f179fa8dcccf50c436cc0165a1d67476a936e /src/lib/libcrypto/asn1
parent	d9de323e6e6b00c0f5eda2fd1399c8c51cdb19c4 (diff)
download	openbsd-02266ad76553362863ec35a28c86ea7a4f5acdf9.tar.gz openbsd-02266ad76553362863ec35a28c86ea7a4f5acdf9.tar.bz2 openbsd-02266ad76553362863ec35a28c86ea7a4f5acdf9.zip