diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-07-14 12:01:53 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-07-14 12:01:53 +0000 |
commit | 9fe51d5f73fdd07d6bae82f415f203bafb4b00f5 (patch) | |
tree | ddc4d53357e2fd8bfbf56e2d3dddf80dfea40148 /crypto | |
parent | b79853c26206ba9e45e2de4e3582630a0b1c78f1 (diff) |
PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/asn1/a_object.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index 0ef0ac3e89..3978c9150d 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -139,7 +139,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); goto err; } - if (!use_bn && l >= (ULONG_MAX / 10L)) + if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) { use_bn = 1; if (!bl) @@ -293,7 +293,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, /* Sanity check OID encoding: can't have leading 0x80 in * subidentifiers, see: X.690 8.19.2 */ - for (i = 0, p = *pp + 1; i < len - 1; i++, p++) + for (i = 0, p = *pp; i < len; i++, p++) { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { |