diff options
author | Matt Caswell <matt@openssl.org> | 2021-05-27 16:47:14 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-06-08 18:53:28 +0100 |
commit | f8da1d800580fb521b450b51f9e07ad1c3c1798d (patch) | |
tree | ffb09db68942986716f1411a6e7703720e37c181 /crypto | |
parent | 2b049e933a8d017fa667e69b5b0ec4437eb8d68c (diff) |
Ensure that we consume all the data when decoding an SPKI
If we are decoding a SubjectPublicKeyInfo structure then we must use all
of the data and must not have bytes "left over".
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15504)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/x509/x_pubkey.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 9ba63788bc..3eb21a0c79 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -161,6 +161,7 @@ static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval, if (ret <= 0 && !pubkey->flag_force_legacy) { const unsigned char *p; char txtoidname[OSSL_MAX_NAME_SIZE]; + size_t slen = publen; /* * The decoders don't know how to handle anything other than Universal @@ -190,9 +191,19 @@ static int x509_pubkey_ex_d2i_ex(ASN1_VALUE **pval, pubkey->propq)) != NULL) /* * As said higher up, we're being opportunistic. In other words, - * we don't care about what the return value signals. + * we don't care if we fail. */ - OSSL_DECODER_from_data(dctx, &p, NULL); + if (OSSL_DECODER_from_data(dctx, &p, &slen)) { + if (slen != 0) { + /* + * If we successfully decoded then we *must* consume all the + * bytes. + */ + ERR_clear_last_mark(); + ERR_raise(ERR_LIB_ASN1, EVP_R_DECODE_ERROR); + goto end; + } + } } ERR_pop_to_mark(); |