summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* _asn1_decode_simple_ber: restrict the levels of recursion to 3Nikos Mavrogiannopoulos2018-01-041-2/+19
| | | | | | | | On indefinite string decoding, setting a maximum level of recursions protects the BER decoder from a stack exhaustion due to large amounts of recursion. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* _asn1_check_identifier: safer access to values readNikos Mavrogiannopoulos2017-06-301-5/+12
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc updatelibtasn1_4_12Nikos Mavrogiannopoulos2017-05-291-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* regenerated ASN1.c filelibtasn1_4_11Nikos Mavrogiannopoulos2017-05-271-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* bumped versionNikos Mavrogiannopoulos2017-05-271-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* asn1_find_node: added safety check on asn1_find_node()Nikos Mavrogiannopoulos2017-05-181-0/+6
| | | | | | | | | | This prevents a stack overflow in asn1_find_node() which is triggered by too long variable names in the definitions files. That means that applications have to deliberately pass a too long 'name' constant to asn1_write_value() and friends. Reported by Jakub Jirasek. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* decoding: added flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIMENikos Mavrogiannopoulos2017-05-182-1/+3
| | | | | | | | | This flag allows decoding errors in time fields even when in strict DER mode. That is introduced in order to allow toleration of invalid times in certificates (which are common) even though strict DER adherence is enforced in other fields. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Introduced error code ASN1_TIME_ENCODING_ERRORNikos Mavrogiannopoulos2017-05-013-3/+5
| | | | | | | This error code indicates an invalid encoding in the TIME field. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* DER decoding: check the return value of _asn1_append_sequence_setNikos Mavrogiannopoulos2017-01-192-4/+21
| | | | | | | Ensure that the return value of _asn1_append_sequence_set. This addresses a potential NULL pointer dereference. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Cast input to isdigit() to integerNikos Mavrogiannopoulos2017-01-171-1/+1
| | | | | | | That prevents complaints from isdigit() implementations using the input as an array index without casting. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* added missing gnulib filesNikos Mavrogiannopoulos2017-01-163-0/+156
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* asn1_get_length_ber: pass the correct length to ↵Nikos Mavrogiannopoulos2017-01-161-3/+3
| | | | | | | | _asn1_get_indefinite_length_string This addresses reading 1-byte past the end of data. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* bumped versionNikos Mavrogiannopoulos2017-01-161-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* _asn1_ltostr: avoid undefined negation of int64_tNikos Mavrogiannopoulos2017-01-161-1/+1
| | | | | | Use cast to (uint64_t) and negation instead. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* updated gnulibNikos Mavrogiannopoulos2017-01-1634-487/+678
|
* _asn1_ltostr: ensure that input value will always be printedNikos Mavrogiannopoulos2017-01-131-7/+11
| | | | | | | | | | That is, use an unsigned type to store the output of the negation (in case the input is negative). This addresses the issue found in PKCS#7 decoding: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=388 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc updatetmp-test-suite-spcNikos Mavrogiannopoulos2016-10-241-2/+4
|
* doc updateNikos Mavrogiannopoulos2016-10-111-1/+1
|
* space/tab fixesNikos Mavrogiannopoulos2016-09-111-1/+1
|
* space/tab fixesNikos Mavrogiannopoulos2016-09-112-11/+11
|
* ASN1.c: regenerated with bison 3.0.4Nikos Mavrogiannopoulos2016-07-271-133/+135
|
* ASN1.y: updated for new yacc syntax (according to bison warnings)Nikos Mavrogiannopoulos2016-07-271-1/+1
|
* Fix some typoes found by lintian.Andreas Metzler2016-07-272-3/+3
|
* gnulib: added missing verify.hNikos Mavrogiannopoulos2016-07-261-0/+279
|
* parser_aux: corrected potential null pointer dereferencesNikos Mavrogiannopoulos2016-07-261-6/+6
|
* ASN.y: corrected compiler warningNikos Mavrogiannopoulos2016-07-261-1/+1
|
* updated gnulibNikos Mavrogiannopoulos2016-07-2633-199/+452
|
* released 4.9libtasn1_4_9Nikos Mavrogiannopoulos2016-07-251-1/+1
|
* asn1_get_object_id_der: doc updateNikos Mavrogiannopoulos2016-07-081-1/+2
|
* encode and decode object identifiers with elements larger than 2^32 in ↵Nikos Mavrogiannopoulos2016-07-085-6/+12
| | | | 32-bit systems
* _asn1_objectid_der: encode object identifiers with elements larger than 2^32Nikos Mavrogiannopoulos2016-07-071-1/+1
|
* decoding: removed unused constantsNikos Mavrogiannopoulos2016-04-201-5/+0
|
* decoding: added null pointer checkNikos Mavrogiannopoulos2016-04-201-0/+8
|
* _asn1_append_sequence_set: fail if _asn1_copy_structure3 failsNikos Mavrogiannopoulos2016-04-201-0/+3
|
* coding: prevented an unsigned to signed conversionNikos Mavrogiannopoulos2016-04-201-1/+1
|
* _asn1_expand_object_id: addressed crash when no value is present is nodeNikos Mavrogiannopoulos2016-04-081-0/+3
| | | | | | | With a specially crafted ASN.1 description _asn1_expand_object_id, passes a null pointer as p4->value to the function _asn1_str_cat, which expects a pointer to a string. This patch addresses the issue. Reported by Pascal Cuoq.
* decoding: removed redundant functionsNikos Mavrogiannopoulos2016-04-081-223/+150
| | | | | Simplified the STRING BER decoding by using asn1_decode_simple_ber(). This removes complex duplicate code.
* asn1_decode_simple_ber: simplified and cleaned upNikos Mavrogiannopoulos2016-04-082-45/+73
|
* asn1_get_octet_der: doc updateNikos Mavrogiannopoulos2016-04-071-4/+6
|
* _asn1_extract_der_octet: properly account the bytes read through indefinite ↵Nikos Mavrogiannopoulos2016-04-061-4/+8
| | | | | | | encodings This prevents infinite recursions in the function loop. Reported by Pascal Cuoq.
* libtasn1.h: updated for 4.8Nikos Mavrogiannopoulos2016-04-041-1/+1
|
* _asn1_extract_der_octet: catch invalid input cases earlyNikos Mavrogiannopoulos2016-04-041-1/+8
| | | | | | That is, check the calculated lengths for validity prior to entering a loop. This avoids an infinite recursion. Reported by Pascal Cuoq.
* Simplify _asn1_append_value() and avoid memcpy's with zero lengthNikos Mavrogiannopoulos2016-04-041-9/+19
| | | | Based on patch of Pascal Cuoq <pascal.cuoq@trust-in-soft.com>
* use a safer variant of reallocNikos Mavrogiannopoulos2016-04-043-4/+20
| | | | | This variant does not create memory leaks if allocation fails. Report and initial patch by Pascal Cuoq.
* decoding: improved tail cache in _asn1_append_sequence_setNikos Mavrogiannopoulos2016-04-043-16/+27
| | | | | We keep the head node in addition to the tail information to allow easier deduction of the validity of the cache.
* fixed incorrect parameter to _asn1_append_sequence_set()Nikos Mavrogiannopoulos2016-04-031-1/+1
| | | | | This was uncovered by the previous revert, and seemed working due to the optimization semantics.
* Revert "optimized _asn1_find_up()."Nikos Mavrogiannopoulos2016-04-037-51/+38
| | | | | | | This reverts commit 4010bb04588fca86a9f6d683b637c05b4cec24e0. This optimization did not offer much benefit and there may be corner cases in the internal structure handling that may not be possibly to handle with this optimization.
* %x expects an unsigned int, but unsigned char is promoted to intPascal Cuoq2016-04-031-5/+5
|
* coding: Fixes to prevent undefined behavior (found with libubsan)Nikos Mavrogiannopoulos2016-02-291-3/+5
|
* der_coding: always null terminate errorDescriptionNikos Mavrogiannopoulos2016-01-081-0/+3
|
View Lorry Controller Status