[openssl-commits] [openssl] master update

Viktor Dukhovni viktor at openssl.org
Thu Apr 14 06:42:31 UTC 2016 

The branch master has been updated
       via  bdcd660e33710079b495cf5cc6a1aaa5d2dcd317 (commit)
      from  5968d11a7a28103610c054c6a57c852bbe0f3b51 (commit)


- Log -----------------------------------------------------------------
commit bdcd660e33710079b495cf5cc6a1aaa5d2dcd317
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date:   Wed Apr 13 23:14:43 2016 -0400

    Bugfix: in asn1parse avoid erroneous len after a sub-sequence
    
    Introduced in:
    
        commit 79c7f74d6cefd5d32fa20e69195ad3de834ce065
        Author: Ben Laurie <ben at links.org>
        Date:   Tue Mar 29 19:37:57 2016 +0100
    
        Fix buffer overrun in ASN1_parse().
    
    Problem input:
    
        https://tools.ietf.org/html/draft-ietf-curdle-pkix-eddsa-00#section-8.1
        -----BEGIN PUBLIC KEY-----
        MC0wCAYDK2VkCgECAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=
        -----END PUBLIC KEY-----
    
    Previously:
    
            0:d=0  hl=2 l=  45 cons: SEQUENCE
            2:d=1  hl=2 l=   8 cons: SEQUENCE
            4:d=2  hl=2 l=   3 prim: OBJECT            :1.3.101.100
            9:d=2  hl=2 l=   1 prim: ENUMERATED        :02
        Error in encoding
        140735164989440:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:148:
    
    Now:
    
        0:d=0  hl=2 l=  45 cons: SEQUENCE
        2:d=1  hl=2 l=   8 cons: SEQUENCE
        4:d=2  hl=2 l=   3 prim: OBJECT            :1.3.101.100
        9:d=2  hl=2 l=   1 prim: ENUMERATED        :02
       12:d=1  hl=2 l=  33 prim: BIT STRING
          0000 - 00 19 bf 44 09 69 84 cd-fe 85 41 ba c1 67 dc 3b   ...D.i....A..g.;
          0010 - 96 c8 50 86 aa 30 b6 b6-cb 0c 5c 38 ad 70 31 66   ..P..0....\8.p1f
          0020 - e1                                                .
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/asn1_par.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index b721273..e412820 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -189,18 +189,19 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
                     }
                 }
             } else {
+                long tmp = len;
+
                 while (p < ep) {
                     sp = p;
-                    r = asn1_parse2(bp, &p, len,
+                    r = asn1_parse2(bp, &p, tmp,
                                     offset + (p - *pp), depth + 1,
                                     indent, dump);
                     if (r == 0) {
                         ret = 0;
                         goto end;
                     }
-                    len -= p - sp;
+                    tmp -= p - sp;
                 }
-                len = length;
             }
         } else if (xclass != 0) {
             p += len;

More information about the openssl-commits mailing list