authorDr. Stephen Henson <steve@openssl.org>2010-10-06 18:01:35 +0000
committerDr. Stephen Henson <steve@openssl.org>2010-10-06 18:01:35 +0000
commit93fc0e0e40a1c0dedd5cbacf8b11caef7079b953 (patch)
treeeb92524cb14b9b671c9d0a4e8dc939f2a56b0fb0 /crypto
parent84f1c143968f2438cb69ed4e22f93fa8635a653f (diff)
We can't always read 6 bytes in an OCSP response: fix so error statuses
are read correctly for non-blocking I/O.
Diffstat (limited to 'crypto')
-rw-r--r--crypto/ocsp/ocsp_ht.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/ocsp/ocsp_ht.c b/crypto/ocsp/ocsp_ht.c
index 6abb30b2c0..92aba08c8f 100644
--- a/crypto/ocsp/ocsp_ht.c
+++ b/crypto/ocsp/ocsp_ht.c
@@ -371,11 +371,12 @@ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
case OHS_ASN1_HEADER:
- /* Now reading ASN1 header: can read at least 6 bytes which
- * is more than enough for any valid ASN1 SEQUENCE header
+ /* Now reading ASN1 header: can read at least 2 bytes which
+ * is enough for ASN1 SEQUENCE header and either length field
+ * or at least the length of the length field.
*/
n = BIO_get_mem_data(rctx->mem, &p);
- if (n < 6)
+ if (n < 2)
goto next_io;
/* Check it is an ASN1 SEQUENCE */
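Review bot: The new comment says the code "can read at least 2 bytes", which reads as a guarantee, but it is the `if (n < 2)` below it that establishes this before the tag and first length octet are examined. A wording such as `/* Need at least 2 buffered bytes: the SEQUENCE tag and the first length octet; long-form length octets are checked separately. */` states the bound a maintainer must preserve. The reads that rely on this bound fall outside the hunk.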
@@ -388,6 +389,11 @@ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
/* Check out length field */
if (*p & 0x80)
{
+ /* If MSB set on initial length octet we can now
+ * always read 6 octets: make sure we have them.
+ */
+ if (n < 6)
+ goto next_io;
n = *p & 0x7F;
/* Not NDEF or excessive length */
if (!n || (n > 4))
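Review bot: The added `if (n < 6) goto next_io;` requires six buffered bytes whenever the long-form bit is set, although the header needs only `2 + (*p & 0x7F)` bytes once the count octet is validated. A response with a long-form length but fewer than six bytes in total (possible in BER, though not in DER) would presumably keep returning to next_io until the peer closes the connection. The NDEF/over-length rejection just below is also deferred until six bytes have arrived. Consider reading the count into its own variable instead of reusing `n`, running the `!n || (n > 4)` test first, and then waiting only for what the count announces, e.g. `if (n < 2 + lenlen) goto next_io;`. This assumes `p` already points at the length octet here; the tag check that advances it, and the rest of the case, are outside the hunk.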