feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Only try and return serial number or check padding if the serial number size is greater than 1.

Browse Source
This commit is contained in:
David Garske
2016-08-05 12:53:26 -07:00
parent 96da2df7ec
commit 6b1ff8e9d7
1 changed files with 13 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
wolfcrypt/src/asn.c
View File

@@ -5307,26 +5307,30 @@ WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx,
return ASN_PARSE_E; return ASN_PARSE_E;
} }
/* serial size check */
if (*serialSz < 0 || *serialSz > EXTERNAL_SERIAL_SIZE) { if (*serialSz < 0 || *serialSz > EXTERNAL_SERIAL_SIZE) {
WOLFSSL_MSG("Serial size bad"); WOLFSSL_MSG("Serial size bad");
return ASN_PARSE_E; return ASN_PARSE_E;
} }
/* serial size check */ /* serial size check against max index */
if ((*inOutIdx + *serialSz) > maxIdx) { if ((*inOutIdx + *serialSz) > maxIdx) {
WOLFSSL_MSG("Bad idx serial"); WOLFSSL_MSG("Bad idx serial");
return BUFFER_E; return BUFFER_E;
} }
/* skip padding */ /* only check padding and return serial if length is greater than 1 */
if (input[*inOutIdx] == 0x00) { if (*serialSz > 0) {
*serialSz -= 1; /* skip padding */
*inOutIdx += 1; if (input[*inOutIdx] == 0x00) {
} *serialSz -= 1;
*inOutIdx += 1;
}
/* return serial */ /* return serial */
XMEMCPY(serial, &input[*inOutIdx], *serialSz); XMEMCPY(serial, &input[*inOutIdx], *serialSz);
*inOutIdx += *serialSz; *inOutIdx += *serialSz;
}
return result; return result;
} }