diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2002-08-02 18:48:55 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2002-08-02 18:48:55 +0000 |
commit | f90822689891ca5150f71f8f0502d1877f10faa4 (patch) | |
tree | ca850f6429f1d57bd1ff11ce3d435352922081b9 /crypto/asn1 | |
parent | 909abce8002bf6babc42b8196c812f738d8cd0d6 (diff) |
Fix the ASN1 sanity check: correct header length
calculation and check overflow against LONG_MAX.
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/asn1_lib.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 422685a3b4..f8b636c505 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -57,6 +57,7 @@ */ #include <stdio.h> +#include <limits.h> #include "cryptlib.h" #include <openssl/asn1.h> #include <openssl/asn1_mac.h> @@ -124,7 +125,7 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, (int)(omax+ *pp)); #endif - if (*plength > (omax - (*pp - p))) + if (*plength > (omax - (*p - *pp))) { ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); /* Set this so that even if things are not long enough @@ -141,7 +142,7 @@ err: static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) { unsigned char *p= *pp; - long ret=0; + unsigned long ret=0; int i; if (max-- < 1) return(0); @@ -170,10 +171,10 @@ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) else ret=i; } - if (ret < 0) + if (ret > LONG_MAX) return 0; *pp=p; - *rl=ret; + *rl=(long)ret; return(1); } |