diff options
| author | miod <> | 2014-07-11 14:22:55 +0000 |
|---|---|---|
| committer | miod <> | 2014-07-11 14:22:55 +0000 |
| commit | b76881306f907ca5f941dc6b06671d3450dd76d1 (patch) | |
| tree | f6b838771d9fdcce04eef4891e29f8d314e4139a /src | |
| parent | 439032eec8b1ed80ee0d0110896b7f9455427bb3 (diff) | |
| download | openbsd-b76881306f907ca5f941dc6b06671d3450dd76d1.tar.gz openbsd-b76881306f907ca5f941dc6b06671d3450dd76d1.tar.bz2 openbsd-b76881306f907ca5f941dc6b06671d3450dd76d1.zip | |
In asn1_get_length(), tolerate leading zeroes in BER encoding.
OpenSSL PR #2746 via OpenSSL trunk
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/asn1/asn1_lib.c | 13 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/asn1/asn1_lib.c | 13 |
2 files changed, 16 insertions, 10 deletions
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c index b5f3f78b94..d851339753 100644 --- a/src/lib/libcrypto/asn1/asn1_lib.c +++ b/src/lib/libcrypto/asn1/asn1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: asn1_lib.c,v 1.30 2014/07/11 08:44:47 jsing Exp $ */ | 1 | /* $OpenBSD: asn1_lib.c,v 1.31 2014/07/11 14:22:55 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -174,15 +174,18 @@ asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max) | |||
| 174 | *inf = 0; | 174 | *inf = 0; |
| 175 | i= *p & 0x7f; | 175 | i= *p & 0x7f; |
| 176 | if (*(p++) & 0x80) { | 176 | if (*(p++) & 0x80) { |
| 177 | if (max < (int)i) | ||
| 178 | return (0); | ||
| 179 | /* skip leading zeroes */ | ||
| 180 | while (i && *p == 0) { | ||
| 181 | p++; | ||
| 182 | i--; | ||
| 183 | } | ||
| 177 | if (i > sizeof(long)) | 184 | if (i > sizeof(long)) |
| 178 | return 0; | 185 | return 0; |
| 179 | if (max-- == 0) | ||
| 180 | return (0); | ||
| 181 | while (i-- > 0) { | 186 | while (i-- > 0) { |
| 182 | ret <<= 8L; | 187 | ret <<= 8L; |
| 183 | ret |= *(p++); | 188 | ret |= *(p++); |
| 184 | if (max-- == 0) | ||
| 185 | return (0); | ||
| 186 | } | 189 | } |
| 187 | } else | 190 | } else |
| 188 | ret = i; | 191 | ret = i; |
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c index b5f3f78b94..d851339753 100644 --- a/src/lib/libssl/src/crypto/asn1/asn1_lib.c +++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: asn1_lib.c,v 1.30 2014/07/11 08:44:47 jsing Exp $ */ | 1 | /* $OpenBSD: asn1_lib.c,v 1.31 2014/07/11 14:22:55 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -174,15 +174,18 @@ asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max) | |||
| 174 | *inf = 0; | 174 | *inf = 0; |
| 175 | i= *p & 0x7f; | 175 | i= *p & 0x7f; |
| 176 | if (*(p++) & 0x80) { | 176 | if (*(p++) & 0x80) { |
| 177 | if (max < (int)i) | ||
| 178 | return (0); | ||
| 179 | /* skip leading zeroes */ | ||
| 180 | while (i && *p == 0) { | ||
| 181 | p++; | ||
| 182 | i--; | ||
| 183 | } | ||
| 177 | if (i > sizeof(long)) | 184 | if (i > sizeof(long)) |
| 178 | return 0; | 185 | return 0; |
| 179 | if (max-- == 0) | ||
| 180 | return (0); | ||
| 181 | while (i-- > 0) { | 186 | while (i-- > 0) { |
| 182 | ret <<= 8L; | 187 | ret <<= 8L; |
| 183 | ret |= *(p++); | 188 | ret |= *(p++); |
| 184 | if (max-- == 0) | ||
| 185 | return (0); | ||
| 186 | } | 189 | } |
| 187 | } else | 190 | } else |
| 188 | ret = i; | 191 | ret = i; |