forked from wolfSSL/wolfssl
break out on error parsing PKCS#7 SignedData inner OCTET_STRING
This commit is contained in:
@ -4379,11 +4379,17 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
|
||||
if (localIdx - start + length == (word32)contentLen) {
|
||||
multiPart = 0;
|
||||
} else {
|
||||
/* reset length to outer OCTET_STRING (contentLen) */
|
||||
/* reset length to outer OCTET_STRING for bundle size
|
||||
* check below */
|
||||
length = contentLen;
|
||||
}
|
||||
localIdx = start;
|
||||
}
|
||||
|
||||
if (ret != 0) {
|
||||
/* failed ASN1 parsing during OCTET_STRING checks */
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* get length of content in case of single part */
|
||||
@ -4426,7 +4432,10 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
|
||||
if (!degenerate && !detached && ret != 0)
|
||||
break;
|
||||
|
||||
length = 0; /* no content to read */
|
||||
/* no content to read */
|
||||
length = 0;
|
||||
contentLen = 0;
|
||||
|
||||
pkiMsg2 = pkiMsg;
|
||||
pkiMsg2Sz = pkiMsgSz;
|
||||
}
|
||||
|
Reference in New Issue
Block a user