diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-04-07 12:43:13 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-04-07 12:45:10 +0200 |
commit | f42c4a14f2abd3ed06b80970fef5381794a66033 (patch) | |
tree | 706add545668b193999f0296c9549a5a31c2b770 | |
parent | 39465cb227a122d99dc39be47aadd758980c36b5 (diff) | |
download | libtasn1-f42c4a14f2abd3ed06b80970fef5381794a66033.tar.gz |
_asn1_extract_der_octet: check for EOC in octet string decoding
-rw-r--r-- | lib/decoding.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/decoding.c b/lib/decoding.c index 4fff03e..f2c8142 100644 --- a/lib/decoding.c +++ b/lib/decoding.c @@ -799,11 +799,17 @@ _asn1_extract_der_octet (asn1_node node, const unsigned char *der, DECR_LEN(der_len, len3); result = _asn1_extract_der_octet (node, der + counter + len3, - der_len, flags, &len2); + der_len, flags|ASN1_DECODE_FLAG_STRICT_DER, &len2); if (result != ASN1_SUCCESS) return result; - DECR_LEN(der_len, len2); + + /* check for EOC */ + if (der_len < 2 || (der[counter+len3+len2] != 0 && der[counter+len3+len2+1] != 0)) + { + warn(); + return ASN1_DER_ERROR; + } } counter += len2 + len3 + 1; |