Commit 34916c8
committed
ASN: improve handling of ASN.1 parsing/encoding
ToTraditionalInline_ex2 original ASN code:
- Now return 0 when no OCTECT_STRING data found.
- Change callers to accept 0 as a valid returnb value.
SizeASN_Items:
- Change encoded size to word32 as won't be negative.
- Change callers to supply a pointer to a word32 instead of integer.
Fix casting due to change of parameter type.
ASN_LEN_ENC_LEN: Function to calculate the length of the encoded ASN.1
length.
GetLength_ex:
- Change minLen to word32
- Change length to word32 and change negative check appropriately for
different type.
GetASNHeader_ex:
- If not checking lengths in GetLength_ex, check it here.
DecodeObjectId:
- Ensure no overflow in calculation.
_RsaPrivateKeyDecode (original)
- Clear RSA integers on failure (will be done in free anyway).
wc_CreatePKCS8Key (original):
- safe check of overflow.
DecryptContent (templare):
- Parse will fail if OID not recognized, and recognized OIDs are 9/10
bytes long - but check idx is 9/10 anyway so we know we can read 2 end
bytes of data.
wc_RsaPublicKeyDecode_ex (original):
- Fix calculation of seqEndIdx and use it to bound modulus and
exponent.
DecodePolicyOID
- enusre inSz is not too long.
- Ensure no overflow in calculation.
SetOidValue (orginal):
- Safe check of inSz and oidSz.
SetAltNames (original):
- Improve length checks
FlattenAltNames:
- Check for overflow.
- Better length check.
ParseCRL_CertList (original):
- overflow check1 parent 9d3cc6e commit 34916c8
5 files changed
Lines changed: 253 additions & 186 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
3581 | 3581 | | |
3582 | 3582 | | |
3583 | 3583 | | |
3584 | | - | |
| 3584 | + | |
3585 | 3585 | | |
3586 | 3586 | | |
3587 | 3587 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
924 | 924 | | |
925 | 925 | | |
926 | 926 | | |
927 | | - | |
| 927 | + | |
928 | 928 | | |
929 | 929 | | |
930 | 930 | | |
| |||
0 commit comments