feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Maintenance: ASN.1

Browse Source 
1. Reject as an error any ASN.1 length value that is multibyte of length 0.
This commit is contained in:
John Safranek
2019-11-18 17:02:19 -08:00
parent c9f7741dfb
commit fea1f1d6e5
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
wolfcrypt/src/asn.c
View File

@ -179,7 +179,11 @@ WOLFSSL_LOCAL int GetLength_ex(const byte* input, word32* inOutIdx, int* len,
}
b = input[idx++];
if (b >= ASN_LONG_LENGTH) {
if (b == ASN_LONG_LENGTH) {
WOLFSSL_MSG("GetLength bad length length");
return ASN_PARSE_E;
}
else if (b > ASN_LONG_LENGTH) {
word32 bytes = b & 0x7F;
if ((idx + bytes) > maxIdx) { /* for reading bytes */