diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2016-08-02 23:53:41 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2016-08-03 02:36:08 +0100 |
commit | 5db2a579b72b94aa0dacb08530768a1a5759237d (patch) | |
tree | 0e17220f2131ed2982189e07017a67ad5ad8ad6e | |
parent | c648bdcc4cd8a7d1699081d339ff33deda69a3be (diff) |
Calculate sequence length properly.
Use correct length in old ASN.1 indefinite length sequence decoder
(only used by SSL_SESSION).
This bug was discovered by Hanno Böck using libfuzzer.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 436dead2e2a157fa501a7538a77b6078391b477f)
-rw-r--r-- | crypto/asn1/asn1_lib.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 8752654103..80f5f2b014 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -328,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length) return (0); } if (c->inf == (1 | V_ASN1_CONSTRUCTED)) - c->slen = *length + *(c->pp) - c->p; + c->slen = *length; c->eos = 0; return (1); } |