Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | _asn1_decode_simple_ber: restrict the levels of recursion to 3 | Nikos Mavrogiannopoulos | 2018-01-04 | 1 | -2/+19 |
| | | | | | | | | On indefinite string decoding, setting a maximum level of recursions protects the BER decoder from a stack exhaustion due to large amounts of recursion. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | _asn1_check_identifier: safer access to values read | Nikos Mavrogiannopoulos | 2017-06-30 | 1 | -5/+12 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | doc updatelibtasn1_4_12 | Nikos Mavrogiannopoulos | 2017-05-29 | 1 | -1/+1 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | regenerated ASN1.c filelibtasn1_4_11 | Nikos Mavrogiannopoulos | 2017-05-27 | 1 | -1/+1 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | bumped version | Nikos Mavrogiannopoulos | 2017-05-27 | 1 | -1/+1 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | asn1_find_node: added safety check on asn1_find_node() | Nikos Mavrogiannopoulos | 2017-05-18 | 1 | -0/+6 |
| | | | | | | | | | | This prevents a stack overflow in asn1_find_node() which is triggered by too long variable names in the definitions files. That means that applications have to deliberately pass a too long 'name' constant to asn1_write_value() and friends. Reported by Jakub Jirasek. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | decoding: added flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME | Nikos Mavrogiannopoulos | 2017-05-18 | 2 | -1/+3 |
| | | | | | | | | | This flag allows decoding errors in time fields even when in strict DER mode. That is introduced in order to allow toleration of invalid times in certificates (which are common) even though strict DER adherence is enforced in other fields. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | Introduced error code ASN1_TIME_ENCODING_ERROR | Nikos Mavrogiannopoulos | 2017-05-01 | 3 | -3/+5 |
| | | | | | | | This error code indicates an invalid encoding in the TIME field. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | DER decoding: check the return value of _asn1_append_sequence_set | Nikos Mavrogiannopoulos | 2017-01-19 | 2 | -4/+21 |
| | | | | | | | Ensure that the return value of _asn1_append_sequence_set. This addresses a potential NULL pointer dereference. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | Cast input to isdigit() to integer | Nikos Mavrogiannopoulos | 2017-01-17 | 1 | -1/+1 |
| | | | | | | | That prevents complaints from isdigit() implementations using the input as an array index without casting. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | added missing gnulib files | Nikos Mavrogiannopoulos | 2017-01-16 | 3 | -0/+156 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | asn1_get_length_ber: pass the correct length to ↵ | Nikos Mavrogiannopoulos | 2017-01-16 | 1 | -3/+3 |
| | | | | | | | | _asn1_get_indefinite_length_string This addresses reading 1-byte past the end of data. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | bumped version | Nikos Mavrogiannopoulos | 2017-01-16 | 1 | -1/+1 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | _asn1_ltostr: avoid undefined negation of int64_t | Nikos Mavrogiannopoulos | 2017-01-16 | 1 | -1/+1 |
| | | | | | | Use cast to (uint64_t) and negation instead. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | updated gnulib | Nikos Mavrogiannopoulos | 2017-01-16 | 34 | -487/+678 |
| | |||||
* | _asn1_ltostr: ensure that input value will always be printed | Nikos Mavrogiannopoulos | 2017-01-13 | 1 | -7/+11 |
| | | | | | | | | | | That is, use an unsigned type to store the output of the negation (in case the input is negative). This addresses the issue found in PKCS#7 decoding: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=388 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
* | doc updatetmp-test-suite-spc | Nikos Mavrogiannopoulos | 2016-10-24 | 1 | -2/+4 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-10-11 | 1 | -1/+1 |
| | |||||
* | space/tab fixes | Nikos Mavrogiannopoulos | 2016-09-11 | 1 | -1/+1 |
| | |||||
* | space/tab fixes | Nikos Mavrogiannopoulos | 2016-09-11 | 2 | -11/+11 |
| | |||||
* | ASN1.c: regenerated with bison 3.0.4 | Nikos Mavrogiannopoulos | 2016-07-27 | 1 | -133/+135 |
| | |||||
* | ASN1.y: updated for new yacc syntax (according to bison warnings) | Nikos Mavrogiannopoulos | 2016-07-27 | 1 | -1/+1 |
| | |||||
* | Fix some typoes found by lintian. | Andreas Metzler | 2016-07-27 | 2 | -3/+3 |
| | |||||
* | gnulib: added missing verify.h | Nikos Mavrogiannopoulos | 2016-07-26 | 1 | -0/+279 |
| | |||||
* | parser_aux: corrected potential null pointer dereferences | Nikos Mavrogiannopoulos | 2016-07-26 | 1 | -6/+6 |
| | |||||
* | ASN.y: corrected compiler warning | Nikos Mavrogiannopoulos | 2016-07-26 | 1 | -1/+1 |
| | |||||
* | updated gnulib | Nikos Mavrogiannopoulos | 2016-07-26 | 33 | -199/+452 |
| | |||||
* | released 4.9libtasn1_4_9 | Nikos Mavrogiannopoulos | 2016-07-25 | 1 | -1/+1 |
| | |||||
* | asn1_get_object_id_der: doc update | Nikos Mavrogiannopoulos | 2016-07-08 | 1 | -1/+2 |
| | |||||
* | encode and decode object identifiers with elements larger than 2^32 in ↵ | Nikos Mavrogiannopoulos | 2016-07-08 | 5 | -6/+12 |
| | | | | 32-bit systems | ||||
* | _asn1_objectid_der: encode object identifiers with elements larger than 2^32 | Nikos Mavrogiannopoulos | 2016-07-07 | 1 | -1/+1 |
| | |||||
* | decoding: removed unused constants | Nikos Mavrogiannopoulos | 2016-04-20 | 1 | -5/+0 |
| | |||||
* | decoding: added null pointer check | Nikos Mavrogiannopoulos | 2016-04-20 | 1 | -0/+8 |
| | |||||
* | _asn1_append_sequence_set: fail if _asn1_copy_structure3 fails | Nikos Mavrogiannopoulos | 2016-04-20 | 1 | -0/+3 |
| | |||||
* | coding: prevented an unsigned to signed conversion | Nikos Mavrogiannopoulos | 2016-04-20 | 1 | -1/+1 |
| | |||||
* | _asn1_expand_object_id: addressed crash when no value is present is node | Nikos Mavrogiannopoulos | 2016-04-08 | 1 | -0/+3 |
| | | | | | | | With a specially crafted ASN.1 description _asn1_expand_object_id, passes a null pointer as p4->value to the function _asn1_str_cat, which expects a pointer to a string. This patch addresses the issue. Reported by Pascal Cuoq. | ||||
* | decoding: removed redundant functions | Nikos Mavrogiannopoulos | 2016-04-08 | 1 | -223/+150 |
| | | | | | Simplified the STRING BER decoding by using asn1_decode_simple_ber(). This removes complex duplicate code. | ||||
* | asn1_decode_simple_ber: simplified and cleaned up | Nikos Mavrogiannopoulos | 2016-04-08 | 2 | -45/+73 |
| | |||||
* | asn1_get_octet_der: doc update | Nikos Mavrogiannopoulos | 2016-04-07 | 1 | -4/+6 |
| | |||||
* | _asn1_extract_der_octet: properly account the bytes read through indefinite ↵ | Nikos Mavrogiannopoulos | 2016-04-06 | 1 | -4/+8 |
| | | | | | | | encodings This prevents infinite recursions in the function loop. Reported by Pascal Cuoq. | ||||
* | libtasn1.h: updated for 4.8 | Nikos Mavrogiannopoulos | 2016-04-04 | 1 | -1/+1 |
| | |||||
* | _asn1_extract_der_octet: catch invalid input cases early | Nikos Mavrogiannopoulos | 2016-04-04 | 1 | -1/+8 |
| | | | | | | That is, check the calculated lengths for validity prior to entering a loop. This avoids an infinite recursion. Reported by Pascal Cuoq. | ||||
* | Simplify _asn1_append_value() and avoid memcpy's with zero length | Nikos Mavrogiannopoulos | 2016-04-04 | 1 | -9/+19 |
| | | | | Based on patch of Pascal Cuoq <pascal.cuoq@trust-in-soft.com> | ||||
* | use a safer variant of realloc | Nikos Mavrogiannopoulos | 2016-04-04 | 3 | -4/+20 |
| | | | | | This variant does not create memory leaks if allocation fails. Report and initial patch by Pascal Cuoq. | ||||
* | decoding: improved tail cache in _asn1_append_sequence_set | Nikos Mavrogiannopoulos | 2016-04-04 | 3 | -16/+27 |
| | | | | | We keep the head node in addition to the tail information to allow easier deduction of the validity of the cache. | ||||
* | fixed incorrect parameter to _asn1_append_sequence_set() | Nikos Mavrogiannopoulos | 2016-04-03 | 1 | -1/+1 |
| | | | | | This was uncovered by the previous revert, and seemed working due to the optimization semantics. | ||||
* | Revert "optimized _asn1_find_up()." | Nikos Mavrogiannopoulos | 2016-04-03 | 7 | -51/+38 |
| | | | | | | | This reverts commit 4010bb04588fca86a9f6d683b637c05b4cec24e0. This optimization did not offer much benefit and there may be corner cases in the internal structure handling that may not be possibly to handle with this optimization. | ||||
* | %x expects an unsigned int, but unsigned char is promoted to int | Pascal Cuoq | 2016-04-03 | 1 | -5/+5 |
| | |||||
* | coding: Fixes to prevent undefined behavior (found with libubsan) | Nikos Mavrogiannopoulos | 2016-02-29 | 1 | -3/+5 |
| | |||||
* | der_coding: always null terminate errorDescription | Nikos Mavrogiannopoulos | 2016-01-08 | 1 | -0/+3 |
| |