diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2014-07-02 00:57:57 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2014-07-02 01:00:18 +0100 |
| commit | 6d87cd2f033533cd430f7e3c7dccbcb62741a559 (patch) | |
| tree | ec5ed5d0f28b30ec8903e071d50efa9fa2813362 /crypto/asn1 | |
| parent | 2db3ea29298bdc347f15fbfab6d5746022f05101 (diff) | |
ASN1 sanity check.
Primitive encodings shouldn't use indefinite length constructed
form.
PR#2438 (partial).
(cherry picked from commit 398e99fe5e06edb11f55a39ce0883d9aa633ffa9)
Diffstat (limited to 'crypto/asn1')
| -rw-r--r-- | crypto/asn1/asn1_lib.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 1bcb44aee2..fa04b08ed6 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, *pclass=xclass; if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; + if (inf && !(ret & V_ASN1_CONSTRUCTED)) + goto err; + #if 0 fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n", (int)p,*plength,omax,(int)*pp,(int)(p+ *plength), |