wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 20:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

wolfcrypt/src/asn.c GetLength_ex(): test for overlong length spec before using length as shift operand.

Browse Source
This commit is contained in:
Daniel Pouzzner
2022-04-08 08:15:02 -05:00
parent 9859492222
commit 1c570fae3b
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wolfcrypt/src/asn.c
View File

@@ -2099,7 +2099,11 @@ int GetLength_ex(const byte* input, word32* inOutIdx, int* len, word32 maxIdx,
else if (bytes == 1) { else if (bytes == 1) {
minLen = 0x80; minLen = 0x80;
} }
else { /* Only support up to the number of bytes that fit into return var. */
else if (bytes > sizeof(length)) {
WOLFSSL_MSG("GetLength - overlong data length spec");
return ASN_PARSE_E;
} else {
minLen = 1 << ((bytes - 1) * 8); minLen = 1 << ((bytes - 1) * 8);
} }
@@ -2109,10 +2113,6 @@ int GetLength_ex(const byte* input, word32* inOutIdx, int* len, word32 maxIdx,
return BUFFER_E; return BUFFER_E;
} }
/* Only support up to the number of bytes that fit into return var. */
if (bytes > sizeof(length)) {
return ASN_PARSE_E;
}
/* Big-endian encoding of number. */ /* Big-endian encoding of number. */
while (bytes--) { while (bytes--) {
b = input[idx++]; b = input[idx++];