In asn1_d2i_read_bio, don't assume BIO_read will

return the requested number of bytes when reading content.
2002-12-03 23:49:12 +00:00 · 2002-12-03 23:49:12 +00:00 · 38b085902f
commit 38b085902f
parent 27498a3330
2 changed files with 15 additions and 5 deletions
--- a/5
+++ b/5
@ -4,6 +4,11 @@

 Changes between 0.9.6h and 0.9.7  [XX xxx 2002]

+  *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
+     octets have been read, EOF or an error occurs. Without this change
+     some truncated ASN1 structures will not produce an error.
+     [Steve Henson]
+
  *) Disable Heimdal support, since it hasn't been fully implemented.
     Still give the possibility to force the use of Heimdal, but with
     warnings and a request that patches get sent to openssl-dev.
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@ -226,13 +226,18 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
 					ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
 					goto err;
 					}
-				i=BIO_read(in,&(b->data[len]),want);
-				if (i <= 0)
+				while (want > 0)
 					{
-					ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
-					goto err;
+					i=BIO_read(in,&(b->data[len]),want);
+					if (i <= 0)
+						{
+						ASN1err(ASN1_F_ASN1_D2I_BIO,
+						    ASN1_R_NOT_ENOUGH_DATA);
+						goto err;
+						}
+					len+=i;
+					want -= i;
 					}
-				len+=i;
 				}
 			off+=(int)c.slen;
 			if (eos <= 0)