feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Maintenance: ASN.1

Browse Source 
1. Add an additional check in GetCertHeader() to see that sigIndex is
bounded by maxIdx.
This commit is contained in:
John Safranek
2019-11-27 10:43:51 -08:00
parent 55540c6bd3
commit cc722468be
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
wolfcrypt/src/asn.c
View File

@ -4553,7 +4553,10 @@ static int GetCertHeader(DecodedCert* cert)
if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0) if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
cert->sigIndex = len + cert->srcIdx; cert->sigIndex = len + cert->srcIdx;
if (cert->sigIndex > cert->maxIdx)
return ASN_PARSE_E;
if (GetExplicitVersion(cert->source, &cert->srcIdx, &cert->version, if (GetExplicitVersion(cert->source, &cert->srcIdx, &cert->version,
cert->sigIndex) < 0) cert->sigIndex) < 0)