summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2014-07-13 21:35:27 +0000
committerjsing <>2014-07-13 21:35:27 +0000
commit24e41266dcff4261425b554ed5b08cb4be1afe9e (patch)
tree377ab0cd8b226205d76bf86aee170144bae236e3 /src
parent1a63ea429052f7be2aecd7de5b535dea76815cf9 (diff)
downloadopenbsd-24e41266dcff4261425b554ed5b08cb4be1afe9e.tar.gz
openbsd-24e41266dcff4261425b554ed5b08cb4be1afe9e.tar.bz2
openbsd-24e41266dcff4261425b554ed5b08cb4be1afe9e.zip
Convert error handling to SSLerr and ERR_asprintf_error_data.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/src/ssl/ssl_asn1.c113
-rw-r--r--src/lib/libssl/ssl_asn1.c113
2 files changed, 108 insertions, 118 deletions
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c
index 90071000de..9e1e2e37a1 100644
--- a/src/lib/libssl/src/ssl/ssl_asn1.c
+++ b/src/lib/libssl/src/ssl/ssl_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_asn1.c,v 1.34 2014/07/13 17:56:56 jsing Exp $ */ 1/* $OpenBSD: ssl_asn1.c,v 1.35 2014/07/13 21:35:27 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -274,11 +274,10 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
274 c.p = *pp; 274 c.p = *pp;
275 c.q = *pp; 275 c.q = *pp;
276 c.max = (length == 0) ? 0 : (c.p + length); 276 c.max = (length == 0) ? 0 : (c.p + length);
277 c.error = ERR_R_NESTED_ASN1_ERROR;
278 277
279 if (a == NULL || *a == NULL) { 278 if (a == NULL || *a == NULL) {
280 if ((ret = SSL_SESSION_new()) == NULL) { 279 if ((ret = SSL_SESSION_new()) == NULL) {
281 c.line = __LINE__; 280 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
282 goto err; 281 goto err;
283 } 282 }
284 } else 283 } else
@@ -288,7 +287,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
288 osp = &os; 287 osp = &os;
289 288
290 if (!asn1_GetSequence(&c, &length)) { 289 if (!asn1_GetSequence(&c, &length)) {
291 c.line = __LINE__; 290 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
292 goto err; 291 goto err;
293 } 292 }
294 293
@@ -296,7 +295,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
296 ai.length = 0; 295 ai.length = 0;
297 c.q = c.p; 296 c.q = c.p;
298 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { 297 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
299 c.line = __LINE__; 298 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
300 goto err; 299 goto err;
301 } 300 }
302 c.slen -= (c.p - c.q); 301 c.slen -= (c.p - c.q);
@@ -310,7 +309,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
310 /* we don't care about the version right now :-) */ 309 /* we don't care about the version right now :-) */
311 c.q = c.p; 310 c.q = c.p;
312 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { 311 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
313 c.line = __LINE__; 312 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
314 goto err; 313 goto err;
315 } 314 }
316 c.slen -= (c.p - c.q); 315 c.slen -= (c.p - c.q);
@@ -326,21 +325,20 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
326 os.length = 0; 325 os.length = 0;
327 c.q = c.p; 326 c.q = c.p;
328 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 327 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
329 c.line = __LINE__; 328 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
330 goto err; 329 goto err;
331 } 330 }
332 c.slen -= (c.p - c.q); 331 c.slen -= (c.p - c.q);
333 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) { 332 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
334 if (os.length != 2) { 333 if (os.length != 2) {
335 c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH; 334 SSLerr(SSL_F_D2I_SSL_SESSION,
336 c.line = __LINE__; 335 SSL_R_CIPHER_CODE_WRONG_LENGTH);
337 goto err; 336 goto err;
338 } 337 }
339 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) | 338 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) |
340 (unsigned long)os.data[1]; 339 (unsigned long)os.data[1];
341 } else { 340 } else {
342 c.error = SSL_R_UNKNOWN_SSL_VERSION; 341 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION);
343 c.line = __LINE__;
344 goto err; 342 goto err;
345 } 343 }
346 344
@@ -349,7 +347,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
349 347
350 c.q = c.p; 348 c.q = c.p;
351 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 349 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
352 c.line = __LINE__; 350 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
353 goto err; 351 goto err;
354 } 352 }
355 c.slen -= (c.p - c.q); 353 c.slen -= (c.p - c.q);
@@ -366,7 +364,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
366 364
367 c.q = c.p; 365 c.q = c.p;
368 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 366 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
369 c.line = __LINE__; 367 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
370 goto err; 368 goto err;
371 } 369 }
372 c.slen -= (c.p - c.q); 370 c.slen -= (c.p - c.q);
@@ -386,21 +384,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
386 c.q = c.p; 384 c.q = c.p;
387 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 385 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
388 if (Tinf & 0x80) { 386 if (Tinf & 0x80) {
389 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 387 SSLerr(SSL_F_D2I_SSL_SESSION,
390 c.line = __LINE__; 388 ERR_R_BAD_ASN1_OBJECT_HEADER);
391 goto err; 389 goto err;
392 } 390 }
393 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 391 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
394 Tlen = c.slen - (c.p - c.q) - 2; 392 Tlen = c.slen - (c.p - c.q) - 2;
395 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 393 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
396 c.line = __LINE__; 394 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
397 goto err; 395 goto err;
398 } 396 }
399 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 397 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
400 Tlen = c.slen - (c.p - c.q); 398 Tlen = c.slen - (c.p - c.q);
401 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 399 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
402 c.error = ERR_R_MISSING_ASN1_EOS; 400 SSLerr(SSL_F_D2I_SSL_SESSION,
403 c.line = __LINE__; 401 ERR_R_MISSING_ASN1_EOS);
404 goto err; 402 goto err;
405 } 403 }
406 } 404 }
@@ -421,21 +419,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
421 c.q = c.p; 419 c.q = c.p;
422 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 420 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
423 if (Tinf & 0x80) { 421 if (Tinf & 0x80) {
424 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 422 SSLerr(SSL_F_D2I_SSL_SESSION,
425 c.line = __LINE__; 423 ERR_R_BAD_ASN1_OBJECT_HEADER);
426 goto err; 424 goto err;
427 } 425 }
428 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 426 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
429 Tlen = c.slen - (c.p - c.q) - 2; 427 Tlen = c.slen - (c.p - c.q) - 2;
430 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 428 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
431 c.line = __LINE__; 429 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
432 goto err; 430 goto err;
433 } 431 }
434 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 432 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
435 Tlen = c.slen - (c.p - c.q); 433 Tlen = c.slen - (c.p - c.q);
436 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 434 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
437 c.error = ERR_R_MISSING_ASN1_EOS; 435 SSLerr(SSL_F_D2I_SSL_SESSION,
438 c.line = __LINE__; 436 ERR_R_MISSING_ASN1_EOS);
439 goto err; 437 goto err;
440 } 438 }
441 } 439 }
@@ -459,21 +457,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
459 c.q = c.p; 457 c.q = c.p;
460 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 458 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
461 if (Tinf & 0x80) { 459 if (Tinf & 0x80) {
462 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 460 SSLerr(SSL_F_D2I_SSL_SESSION,
463 c.line = __LINE__; 461 ERR_R_BAD_ASN1_OBJECT_HEADER);
464 goto err; 462 goto err;
465 } 463 }
466 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 464 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
467 Tlen = c.slen - (c.p - c.q) - 2; 465 Tlen = c.slen - (c.p - c.q) - 2;
468 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) { 466 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) {
469 c.line = __LINE__; 467 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
470 goto err; 468 goto err;
471 } 469 }
472 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 470 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
473 Tlen = c.slen - (c.p - c.q); 471 Tlen = c.slen - (c.p - c.q);
474 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 472 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
475 c.error = ERR_R_MISSING_ASN1_EOS; 473 SSLerr(SSL_F_D2I_SSL_SESSION,
476 c.line = __LINE__; 474 ERR_R_MISSING_ASN1_EOS);
477 goto err; 475 goto err;
478 } 476 }
479 } 477 }
@@ -488,21 +486,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
488 c.q = c.p; 486 c.q = c.p;
489 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 487 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
490 if (Tinf & 0x80) { 488 if (Tinf & 0x80) {
491 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 489 SSLerr(SSL_F_D2I_SSL_SESSION,
492 c.line = __LINE__; 490 ERR_R_BAD_ASN1_OBJECT_HEADER);
493 goto err; 491 goto err;
494 } 492 }
495 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 493 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
496 Tlen = c.slen - (c.p - c.q) - 2; 494 Tlen = c.slen - (c.p - c.q) - 2;
497 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 495 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
498 c.line = __LINE__; 496 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
499 goto err; 497 goto err;
500 } 498 }
501 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 499 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
502 Tlen = c.slen - (c.p - c.q); 500 Tlen = c.slen - (c.p - c.q);
503 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 501 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
504 c.error = ERR_R_MISSING_ASN1_EOS; 502 SSLerr(SSL_F_D2I_SSL_SESSION,
505 c.line = __LINE__; 503 ERR_R_MISSING_ASN1_EOS);
506 goto err; 504 goto err;
507 } 505 }
508 } 506 }
@@ -510,8 +508,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
510 } 508 }
511 if (os.data != NULL) { 509 if (os.data != NULL) {
512 if (os.length > SSL_MAX_SID_CTX_LENGTH) { 510 if (os.length > SSL_MAX_SID_CTX_LENGTH) {
513 c.error = SSL_R_BAD_LENGTH; 511 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH);
514 c.line = __LINE__;
515 goto err; 512 goto err;
516 } else { 513 } else {
517 ret->sid_ctx_length = os.length; 514 ret->sid_ctx_length = os.length;
@@ -530,21 +527,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
530 c.q = c.p; 527 c.q = c.p;
531 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 528 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
532 if (Tinf & 0x80) { 529 if (Tinf & 0x80) {
533 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 530 SSLerr(SSL_F_D2I_SSL_SESSION,
534 c.line = __LINE__; 531 ERR_R_BAD_ASN1_OBJECT_HEADER);
535 goto err; 532 goto err;
536 } 533 }
537 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 534 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
538 Tlen = c.slen - (c.p - c.q) - 2; 535 Tlen = c.slen - (c.p - c.q) - 2;
539 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 536 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
540 c.line = __LINE__; 537 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
541 goto err; 538 goto err;
542 } 539 }
543 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 540 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
544 Tlen = c.slen - (c.p - c.q); 541 Tlen = c.slen - (c.p - c.q);
545 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 542 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
546 c.error = ERR_R_MISSING_ASN1_EOS; 543 SSLerr(SSL_F_D2I_SSL_SESSION,
547 c.line = __LINE__; 544 ERR_R_MISSING_ASN1_EOS);
548 goto err; 545 goto err;
549 } 546 }
550 } 547 }
@@ -566,21 +563,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
566 c.q = c.p; 563 c.q = c.p;
567 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 564 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
568 if (Tinf & 0x80) { 565 if (Tinf & 0x80) {
569 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 566 SSLerr(SSL_F_D2I_SSL_SESSION,
570 c.line = __LINE__; 567 ERR_R_BAD_ASN1_OBJECT_HEADER);
571 goto err; 568 goto err;
572 } 569 }
573 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 570 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
574 Tlen = c.slen - (c.p - c.q) - 2; 571 Tlen = c.slen - (c.p - c.q) - 2;
575 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 572 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
576 c.line = __LINE__; 573 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
577 goto err; 574 goto err;
578 } 575 }
579 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 576 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
580 Tlen = c.slen - (c.p - c.q); 577 Tlen = c.slen - (c.p - c.q);
581 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 578 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
582 c.error = ERR_R_MISSING_ASN1_EOS; 579 SSLerr(SSL_F_D2I_SSL_SESSION,
583 c.line = __LINE__; 580 ERR_R_MISSING_ASN1_EOS);
584 goto err; 581 goto err;
585 } 582 }
586 } 583 }
@@ -604,21 +601,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
604 c.q = c.p; 601 c.q = c.p;
605 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 602 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
606 if (Tinf & 0x80) { 603 if (Tinf & 0x80) {
607 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 604 SSLerr(SSL_F_D2I_SSL_SESSION,
608 c.line = __LINE__; 605 ERR_R_BAD_ASN1_OBJECT_HEADER);
609 goto err; 606 goto err;
610 } 607 }
611 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 608 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
612 Tlen = c.slen - (c.p - c.q) - 2; 609 Tlen = c.slen - (c.p - c.q) - 2;
613 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 610 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
614 c.line = __LINE__; 611 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
615 goto err; 612 goto err;
616 } 613 }
617 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 614 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
618 Tlen = c.slen - (c.p - c.q); 615 Tlen = c.slen - (c.p - c.q);
619 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 616 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
620 c.error = ERR_R_MISSING_ASN1_EOS; 617 SSLerr(SSL_F_D2I_SSL_SESSION,
621 c.line = __LINE__; 618 ERR_R_MISSING_ASN1_EOS);
622 goto err; 619 goto err;
623 } 620 }
624 } 621 }
@@ -642,21 +639,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
642 c.q = c.p; 639 c.q = c.p;
643 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 640 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
644 if (Tinf & 0x80) { 641 if (Tinf & 0x80) {
645 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 642 SSLerr(SSL_F_D2I_SSL_SESSION,
646 c.line = __LINE__; 643 ERR_R_BAD_ASN1_OBJECT_HEADER);
647 goto err; 644 goto err;
648 } 645 }
649 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 646 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
650 Tlen = c.slen - (c.p - c.q) - 2; 647 Tlen = c.slen - (c.p - c.q) - 2;
651 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 648 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
652 c.line = __LINE__; 649 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
653 goto err; 650 goto err;
654 } 651 }
655 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 652 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
656 Tlen = c.slen - (c.p - c.q); 653 Tlen = c.slen - (c.p - c.q);
657 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 654 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
658 c.error = ERR_R_MISSING_ASN1_EOS; 655 SSLerr(SSL_F_D2I_SSL_SESSION,
659 c.line = __LINE__; 656 ERR_R_MISSING_ASN1_EOS);
660 goto err; 657 goto err;
661 } 658 }
662 } 659 }
@@ -674,7 +671,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
674 /* 12 - SRP username (OCTET STRING). */ 671 /* 12 - SRP username (OCTET STRING). */
675 672
676 if (!asn1_const_Finish(&c)) { 673 if (!asn1_const_Finish(&c)) {
677 c.line = __LINE__; 674 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
678 goto err; 675 goto err;
679 } 676 }
680 677
@@ -685,9 +682,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
685 return (ret); 682 return (ret);
686 683
687err: 684err:
688 ERR_PUT_error(ERR_LIB_SSL, SSL_F_D2I_SSL_SESSION, 685 ERR_asprintf_error_data("address=%p offset=%d", *pp, (int)(c.q - *pp));
689 c.error, __FILE__, c.line);
690 asn1_add_error(*pp, (int)(c.q - *pp));
691 if (ret != NULL && (a == NULL || *a != ret)) 686 if (ret != NULL && (a == NULL || *a != ret))
692 SSL_SESSION_free(ret); 687 SSL_SESSION_free(ret);
693 688
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index 90071000de..9e1e2e37a1 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_asn1.c,v 1.34 2014/07/13 17:56:56 jsing Exp $ */ 1/* $OpenBSD: ssl_asn1.c,v 1.35 2014/07/13 21:35:27 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -274,11 +274,10 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
274 c.p = *pp; 274 c.p = *pp;
275 c.q = *pp; 275 c.q = *pp;
276 c.max = (length == 0) ? 0 : (c.p + length); 276 c.max = (length == 0) ? 0 : (c.p + length);
277 c.error = ERR_R_NESTED_ASN1_ERROR;
278 277
279 if (a == NULL || *a == NULL) { 278 if (a == NULL || *a == NULL) {
280 if ((ret = SSL_SESSION_new()) == NULL) { 279 if ((ret = SSL_SESSION_new()) == NULL) {
281 c.line = __LINE__; 280 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
282 goto err; 281 goto err;
283 } 282 }
284 } else 283 } else
@@ -288,7 +287,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
288 osp = &os; 287 osp = &os;
289 288
290 if (!asn1_GetSequence(&c, &length)) { 289 if (!asn1_GetSequence(&c, &length)) {
291 c.line = __LINE__; 290 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
292 goto err; 291 goto err;
293 } 292 }
294 293
@@ -296,7 +295,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
296 ai.length = 0; 295 ai.length = 0;
297 c.q = c.p; 296 c.q = c.p;
298 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { 297 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
299 c.line = __LINE__; 298 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
300 goto err; 299 goto err;
301 } 300 }
302 c.slen -= (c.p - c.q); 301 c.slen -= (c.p - c.q);
@@ -310,7 +309,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
310 /* we don't care about the version right now :-) */ 309 /* we don't care about the version right now :-) */
311 c.q = c.p; 310 c.q = c.p;
312 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { 311 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
313 c.line = __LINE__; 312 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
314 goto err; 313 goto err;
315 } 314 }
316 c.slen -= (c.p - c.q); 315 c.slen -= (c.p - c.q);
@@ -326,21 +325,20 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
326 os.length = 0; 325 os.length = 0;
327 c.q = c.p; 326 c.q = c.p;
328 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 327 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
329 c.line = __LINE__; 328 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
330 goto err; 329 goto err;
331 } 330 }
332 c.slen -= (c.p - c.q); 331 c.slen -= (c.p - c.q);
333 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) { 332 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) {
334 if (os.length != 2) { 333 if (os.length != 2) {
335 c.error = SSL_R_CIPHER_CODE_WRONG_LENGTH; 334 SSLerr(SSL_F_D2I_SSL_SESSION,
336 c.line = __LINE__; 335 SSL_R_CIPHER_CODE_WRONG_LENGTH);
337 goto err; 336 goto err;
338 } 337 }
339 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) | 338 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) |
340 (unsigned long)os.data[1]; 339 (unsigned long)os.data[1];
341 } else { 340 } else {
342 c.error = SSL_R_UNKNOWN_SSL_VERSION; 341 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION);
343 c.line = __LINE__;
344 goto err; 342 goto err;
345 } 343 }
346 344
@@ -349,7 +347,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
349 347
350 c.q = c.p; 348 c.q = c.p;
351 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 349 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
352 c.line = __LINE__; 350 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
353 goto err; 351 goto err;
354 } 352 }
355 c.slen -= (c.p - c.q); 353 c.slen -= (c.p - c.q);
@@ -366,7 +364,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
366 364
367 c.q = c.p; 365 c.q = c.p;
368 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 366 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
369 c.line = __LINE__; 367 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
370 goto err; 368 goto err;
371 } 369 }
372 c.slen -= (c.p - c.q); 370 c.slen -= (c.p - c.q);
@@ -386,21 +384,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
386 c.q = c.p; 384 c.q = c.p;
387 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 385 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
388 if (Tinf & 0x80) { 386 if (Tinf & 0x80) {
389 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 387 SSLerr(SSL_F_D2I_SSL_SESSION,
390 c.line = __LINE__; 388 ERR_R_BAD_ASN1_OBJECT_HEADER);
391 goto err; 389 goto err;
392 } 390 }
393 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 391 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
394 Tlen = c.slen - (c.p - c.q) - 2; 392 Tlen = c.slen - (c.p - c.q) - 2;
395 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 393 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
396 c.line = __LINE__; 394 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
397 goto err; 395 goto err;
398 } 396 }
399 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 397 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
400 Tlen = c.slen - (c.p - c.q); 398 Tlen = c.slen - (c.p - c.q);
401 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 399 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
402 c.error = ERR_R_MISSING_ASN1_EOS; 400 SSLerr(SSL_F_D2I_SSL_SESSION,
403 c.line = __LINE__; 401 ERR_R_MISSING_ASN1_EOS);
404 goto err; 402 goto err;
405 } 403 }
406 } 404 }
@@ -421,21 +419,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
421 c.q = c.p; 419 c.q = c.p;
422 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 420 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
423 if (Tinf & 0x80) { 421 if (Tinf & 0x80) {
424 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 422 SSLerr(SSL_F_D2I_SSL_SESSION,
425 c.line = __LINE__; 423 ERR_R_BAD_ASN1_OBJECT_HEADER);
426 goto err; 424 goto err;
427 } 425 }
428 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 426 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
429 Tlen = c.slen - (c.p - c.q) - 2; 427 Tlen = c.slen - (c.p - c.q) - 2;
430 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 428 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
431 c.line = __LINE__; 429 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
432 goto err; 430 goto err;
433 } 431 }
434 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 432 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
435 Tlen = c.slen - (c.p - c.q); 433 Tlen = c.slen - (c.p - c.q);
436 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 434 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
437 c.error = ERR_R_MISSING_ASN1_EOS; 435 SSLerr(SSL_F_D2I_SSL_SESSION,
438 c.line = __LINE__; 436 ERR_R_MISSING_ASN1_EOS);
439 goto err; 437 goto err;
440 } 438 }
441 } 439 }
@@ -459,21 +457,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
459 c.q = c.p; 457 c.q = c.p;
460 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 458 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
461 if (Tinf & 0x80) { 459 if (Tinf & 0x80) {
462 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 460 SSLerr(SSL_F_D2I_SSL_SESSION,
463 c.line = __LINE__; 461 ERR_R_BAD_ASN1_OBJECT_HEADER);
464 goto err; 462 goto err;
465 } 463 }
466 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 464 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
467 Tlen = c.slen - (c.p - c.q) - 2; 465 Tlen = c.slen - (c.p - c.q) - 2;
468 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) { 466 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) {
469 c.line = __LINE__; 467 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
470 goto err; 468 goto err;
471 } 469 }
472 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 470 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
473 Tlen = c.slen - (c.p - c.q); 471 Tlen = c.slen - (c.p - c.q);
474 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 472 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
475 c.error = ERR_R_MISSING_ASN1_EOS; 473 SSLerr(SSL_F_D2I_SSL_SESSION,
476 c.line = __LINE__; 474 ERR_R_MISSING_ASN1_EOS);
477 goto err; 475 goto err;
478 } 476 }
479 } 477 }
@@ -488,21 +486,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
488 c.q = c.p; 486 c.q = c.p;
489 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 487 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
490 if (Tinf & 0x80) { 488 if (Tinf & 0x80) {
491 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 489 SSLerr(SSL_F_D2I_SSL_SESSION,
492 c.line = __LINE__; 490 ERR_R_BAD_ASN1_OBJECT_HEADER);
493 goto err; 491 goto err;
494 } 492 }
495 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 493 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
496 Tlen = c.slen - (c.p - c.q) - 2; 494 Tlen = c.slen - (c.p - c.q) - 2;
497 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 495 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
498 c.line = __LINE__; 496 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
499 goto err; 497 goto err;
500 } 498 }
501 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 499 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
502 Tlen = c.slen - (c.p - c.q); 500 Tlen = c.slen - (c.p - c.q);
503 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 501 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
504 c.error = ERR_R_MISSING_ASN1_EOS; 502 SSLerr(SSL_F_D2I_SSL_SESSION,
505 c.line = __LINE__; 503 ERR_R_MISSING_ASN1_EOS);
506 goto err; 504 goto err;
507 } 505 }
508 } 506 }
@@ -510,8 +508,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
510 } 508 }
511 if (os.data != NULL) { 509 if (os.data != NULL) {
512 if (os.length > SSL_MAX_SID_CTX_LENGTH) { 510 if (os.length > SSL_MAX_SID_CTX_LENGTH) {
513 c.error = SSL_R_BAD_LENGTH; 511 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH);
514 c.line = __LINE__;
515 goto err; 512 goto err;
516 } else { 513 } else {
517 ret->sid_ctx_length = os.length; 514 ret->sid_ctx_length = os.length;
@@ -530,21 +527,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
530 c.q = c.p; 527 c.q = c.p;
531 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 528 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
532 if (Tinf & 0x80) { 529 if (Tinf & 0x80) {
533 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 530 SSLerr(SSL_F_D2I_SSL_SESSION,
534 c.line = __LINE__; 531 ERR_R_BAD_ASN1_OBJECT_HEADER);
535 goto err; 532 goto err;
536 } 533 }
537 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 534 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
538 Tlen = c.slen - (c.p - c.q) - 2; 535 Tlen = c.slen - (c.p - c.q) - 2;
539 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 536 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
540 c.line = __LINE__; 537 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
541 goto err; 538 goto err;
542 } 539 }
543 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 540 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
544 Tlen = c.slen - (c.p - c.q); 541 Tlen = c.slen - (c.p - c.q);
545 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 542 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
546 c.error = ERR_R_MISSING_ASN1_EOS; 543 SSLerr(SSL_F_D2I_SSL_SESSION,
547 c.line = __LINE__; 544 ERR_R_MISSING_ASN1_EOS);
548 goto err; 545 goto err;
549 } 546 }
550 } 547 }
@@ -566,21 +563,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
566 c.q = c.p; 563 c.q = c.p;
567 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 564 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
568 if (Tinf & 0x80) { 565 if (Tinf & 0x80) {
569 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 566 SSLerr(SSL_F_D2I_SSL_SESSION,
570 c.line = __LINE__; 567 ERR_R_BAD_ASN1_OBJECT_HEADER);
571 goto err; 568 goto err;
572 } 569 }
573 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 570 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
574 Tlen = c.slen - (c.p - c.q) - 2; 571 Tlen = c.slen - (c.p - c.q) - 2;
575 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 572 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
576 c.line = __LINE__; 573 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
577 goto err; 574 goto err;
578 } 575 }
579 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 576 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
580 Tlen = c.slen - (c.p - c.q); 577 Tlen = c.slen - (c.p - c.q);
581 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 578 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
582 c.error = ERR_R_MISSING_ASN1_EOS; 579 SSLerr(SSL_F_D2I_SSL_SESSION,
583 c.line = __LINE__; 580 ERR_R_MISSING_ASN1_EOS);
584 goto err; 581 goto err;
585 } 582 }
586 } 583 }
@@ -604,21 +601,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
604 c.q = c.p; 601 c.q = c.p;
605 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 602 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
606 if (Tinf & 0x80) { 603 if (Tinf & 0x80) {
607 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 604 SSLerr(SSL_F_D2I_SSL_SESSION,
608 c.line = __LINE__; 605 ERR_R_BAD_ASN1_OBJECT_HEADER);
609 goto err; 606 goto err;
610 } 607 }
611 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 608 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
612 Tlen = c.slen - (c.p - c.q) - 2; 609 Tlen = c.slen - (c.p - c.q) - 2;
613 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 610 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
614 c.line = __LINE__; 611 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
615 goto err; 612 goto err;
616 } 613 }
617 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 614 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
618 Tlen = c.slen - (c.p - c.q); 615 Tlen = c.slen - (c.p - c.q);
619 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 616 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
620 c.error = ERR_R_MISSING_ASN1_EOS; 617 SSLerr(SSL_F_D2I_SSL_SESSION,
621 c.line = __LINE__; 618 ERR_R_MISSING_ASN1_EOS);
622 goto err; 619 goto err;
623 } 620 }
624 } 621 }
@@ -642,21 +639,21 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
642 c.q = c.p; 639 c.q = c.p;
643 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 640 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
644 if (Tinf & 0x80) { 641 if (Tinf & 0x80) {
645 c.error = ERR_R_BAD_ASN1_OBJECT_HEADER; 642 SSLerr(SSL_F_D2I_SSL_SESSION,
646 c.line = __LINE__; 643 ERR_R_BAD_ASN1_OBJECT_HEADER);
647 goto err; 644 goto err;
648 } 645 }
649 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 646 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
650 Tlen = c.slen - (c.p - c.q) - 2; 647 Tlen = c.slen - (c.p - c.q) - 2;
651 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 648 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
652 c.line = __LINE__; 649 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
653 goto err; 650 goto err;
654 } 651 }
655 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 652 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
656 Tlen = c.slen - (c.p - c.q); 653 Tlen = c.slen - (c.p - c.q);
657 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 654 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
658 c.error = ERR_R_MISSING_ASN1_EOS; 655 SSLerr(SSL_F_D2I_SSL_SESSION,
659 c.line = __LINE__; 656 ERR_R_MISSING_ASN1_EOS);
660 goto err; 657 goto err;
661 } 658 }
662 } 659 }
@@ -674,7 +671,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
674 /* 12 - SRP username (OCTET STRING). */ 671 /* 12 - SRP username (OCTET STRING). */
675 672
676 if (!asn1_const_Finish(&c)) { 673 if (!asn1_const_Finish(&c)) {
677 c.line = __LINE__; 674 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
678 goto err; 675 goto err;
679 } 676 }
680 677
@@ -685,9 +682,7 @@ d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
685 return (ret); 682 return (ret);
686 683
687err: 684err:
688 ERR_PUT_error(ERR_LIB_SSL, SSL_F_D2I_SSL_SESSION, 685 ERR_asprintf_error_data("address=%p offset=%d", *pp, (int)(c.q - *pp));
689 c.error, __FILE__, c.line);
690 asn1_add_error(*pp, (int)(c.q - *pp));
691 if (ret != NULL && (a == NULL || *a != ret)) 686 if (ret != NULL && (a == NULL || *a != ret))
692 SSL_SESSION_free(ret); 687 SSL_SESSION_free(ret);
693 688
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 23:14:22 +0000