wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Calculate sequence length properly.

Browse source 
Use correct length in old ASN.1 indefinite length sequence decoder
(only used by SSL_SESSION).

This bug was discovered by Hanno Böck using libfuzzer.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 436dead2e2)
This commit is contained in:
Dr. Stephen Henson 2016-08-02 23:53:41 +01:00
parent c648bdcc4c
commit 5db2a579b7
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
crypto/asn1/asn1_lib.c
View file

@ -328,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
return (0);
}
if (c->inf == (1 | V_ASN1_CONSTRUCTED))
c->slen = *length + *(c->pp) - c->p;
c->slen = *length;
c->eos = 0;
return (1);
}