diff options
author | Harin Vadodaria <harin.vadodaria@oracle.com> | 2012-11-21 19:12:20 +0530 |
---|---|---|
committer | Harin Vadodaria <harin.vadodaria@oracle.com> | 2012-11-21 19:12:20 +0530 |
commit | 43062dba3ac0d1887a890ddbd364aa81a3a0208f (patch) | |
tree | 3d6a5f6ba96eaa5f03b0840b4557c7648b06decd /extra/yassl/taocrypt/src | |
parent | a46adb0f9827e8b06c76591b5da3adea4a0b6301 (diff) | |
download | mariadb-git-43062dba3ac0d1887a890ddbd364aa81a3a0208f.tar.gz |
Bug#15883127: PORT FIX FOR BUG #13904906 TO MYSQL 5.1
Description: Updated yassl to version 2.2.2
Diffstat (limited to 'extra/yassl/taocrypt/src')
-rw-r--r-- | extra/yassl/taocrypt/src/asn.cpp | 4 | ||||
-rw-r--r-- | extra/yassl/taocrypt/src/coding.cpp | 21 |
2 files changed, 24 insertions, 1 deletions
diff --git a/extra/yassl/taocrypt/src/asn.cpp b/extra/yassl/taocrypt/src/asn.cpp index 5ec4cac1c44..ad054809879 100644 --- a/extra/yassl/taocrypt/src/asn.cpp +++ b/extra/yassl/taocrypt/src/asn.cpp @@ -154,6 +154,8 @@ word32 GetLength(Source& source) else length = b; + if (source.IsLeft(length) == false) return 0; + return length; } @@ -832,7 +834,7 @@ void CertDecoder::GetName(NameType nt) if (email) { if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length))) { source_.SetError(CONTENT_E); - return; + return; } } diff --git a/extra/yassl/taocrypt/src/coding.cpp b/extra/yassl/taocrypt/src/coding.cpp index 8647ea13f20..ba485eea77e 100644 --- a/extra/yassl/taocrypt/src/coding.cpp +++ b/extra/yassl/taocrypt/src/coding.cpp @@ -103,6 +103,16 @@ void HexDecoder::Decode() byte b = coded_.next() - 0x30; // 0 starts at 0x30 byte b2 = coded_.next() - 0x30; + // sanity checks + if (b >= sizeof(hexDecode)/sizeof(hexDecode[0])) { + coded_.SetError(PEM_E); + return; + } + if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0])) { + coded_.SetError(PEM_E); + return; + } + b = hexDecode[b]; b2 = hexDecode[b2]; @@ -178,6 +188,7 @@ void Base64Decoder::Decode() { word32 bytes = coded_.size(); word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz); + const byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1; plainSz = ((plainSz * 3) / 4) + 3; decoded_.New(plainSz); @@ -200,6 +211,16 @@ void Base64Decoder::Decode() if (e4 == pad) pad4 = true; + if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) { + coded_.SetError(PEM_E); + return; + } + + if (e1 > maxIdx || e2 > maxIdx || e3 > maxIdx || e4 > maxIdx) { + coded_.SetError(PEM_E); + return; + } + e1 = base64Decode[e1 - 0x2B]; e2 = base64Decode[e2 - 0x2B]; e3 = (e3 == pad) ? 0 : base64Decode[e3 - 0x2B]; |