wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/asn1
History
Viktor Dukhovni bdcd660e33 Bugfix: in asn1parse avoid erroneous len after a sub-sequence 
Introduced in:

    commit 79c7f74d6c
    Author: Ben Laurie <ben@links.org>
    Date:   Tue Mar 29 19:37:57 2016 +0100

    Fix buffer overrun in ASN1_parse().

Problem input:

    https://tools.ietf.org/html/draft-ietf-curdle-pkix-eddsa-00#section-8.1
    -----BEGIN PUBLIC KEY-----
    MC0wCAYDK2VkCgECAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
    -----END PUBLIC KEY-----

Previously:

        0:d=0  hl=2 l=  45 cons: SEQUENCE
        2:d=1  hl=2 l=   8 cons: SEQUENCE
        4:d=2  hl=2 l=   3 prim: OBJECT            :1.3.101.100
        9:d=2  hl=2 l=   1 prim: ENUMERATED        :02
    Error in encoding
    140735164989440:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:148:

Now:

    0:d=0  hl=2 l=  45 cons: SEQUENCE
    2:d=1  hl=2 l=   8 cons: SEQUENCE
    4:d=2  hl=2 l=   3 prim: OBJECT            :1.3.101.100
    9:d=2  hl=2 l=   1 prim: ENUMERATED        :02
   12:d=1  hl=2 l=  33 prim: BIT STRING
      0000 - 00 19 bf 44 09 69 84 cd-fe 85 41 ba c1 67 dc 3b   ...D.i....A..g.;
      0010 - 96 c8 50 86 aa 30 b6 b6-cb 0c 5c 38 ad 70 31 66   ..P..0....\8.p1f
      0020 - e1                                                .

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 02:41:30 -04:00
..
a_bitstr.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_d2i_fp.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_digest.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_dup.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_gentm.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_i2d_fp.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_int.c GH601: Various spelling fixes. 2016-02-05 15:25:50 -05:00
a_mbstr.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_object.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_octet.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_print.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_sign.c Don't free up EVP_MD_CTX. 2016-03-19 01:02:02 +00:00
a_strex.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_strnid.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_time.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_type.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_utctm.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_utf8.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
a_verify.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
ameth_lib.c Remove #error from include files. 2016-03-20 19:48:36 -04:00
asn1_err.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
asn1_gen.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
asn1_lib.c Fix buffer overrun in ASN1_parse(). 2016-03-30 20:28:44 +01:00
asn1_locl.h Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
asn1_par.c Bugfix: in asn1parse avoid erroneous len after a sub-sequence 2016-04-14 02:41:30 -04:00
asn_mime.c Make BIO opaque 2016-03-29 17:40:54 +01:00
asn_moid.c Remove check_defer() 2016-04-13 15:05:07 +01:00
asn_mstbl.c GH601: Various spelling fixes. 2016-02-05 15:25:50 -05:00
asn_pack.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
bio_asn1.c Make BIO opaque 2016-03-29 17:40:54 +01:00
bio_ndef.c Revert "various spelling fixes" 2016-04-04 16:11:43 -04:00
build.info move x_pubkey.c to crypto/x509 2016-03-22 15:28:11 +00:00
charmap.h Run util/openssl-format-source -v -c . 2015-01-22 09:20:09 +00:00
charmap.pl RT1815: More const'ness improvements 2014-08-18 11:49:16 -04:00
d2i_pr.c Remove #error from include files. 2016-03-20 19:48:36 -04:00
d2i_pu.c Remove #error from include files. 2016-03-20 19:48:36 -04:00
evp_asn1.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
f_int.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
f_string.c GH480: Don't break statements with CPP stuff. 2016-02-24 16:11:39 -05:00
i2d_pr.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
i2d_pu.c Remove #error from include files. 2016-03-20 19:48:36 -04:00
Makefile.in move x_pubkey.c to crypto/x509 2016-03-22 15:28:11 +00:00
n_pkey.c Use NON_EMPTY_TRANSLATION_UNIT, consistently. 2016-02-09 20:13:29 -05:00
nsseq.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
p5_pbe.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
p5_pbev2.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
p5_scrypt.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
p8_pkey.c Make PKCS8_PRIV_KEY_INFO opaque. 2016-03-07 17:11:21 +00:00
t_bitst.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
t_pkey.c Allocate ASN1_bn_print buffer internally. 2016-02-05 00:33:33 +00:00
t_spki.c Make X509_PUBKEY opaque 2016-03-22 15:28:11 +00:00
tasn_dec.c Fix memory leaks in ASN.1 2016-04-04 13:26:06 +02:00
tasn_enc.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
tasn_fre.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
tasn_new.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
tasn_prn.c Remove unused parameters from internal functions 2016-02-22 13:39:44 -05:00
tasn_scn.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
tasn_typ.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
tasn_utl.c Convert CRYPTO_LOCK_X509_* to new multi-threading API 2016-03-08 11:10:34 -05:00
x_algor.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_bignum.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_info.c remove unused references field 2016-03-22 19:42:19 +00:00
x_long.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_pkey.c remove unused references field 2016-03-22 19:42:19 +00:00
x_sig.c Make X509_SIG opaque. 2016-03-11 17:40:47 +00:00
x_spki.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00
x_val.c Remove /* foo.c */ comments 2016-01-26 16:40:43 -05:00