In asn1_get_length(), tolerate leading zeroes in BER encoding.

OpenSSL PR #2746 via OpenSSL trunk
author: miod <miod@openbsd.org> 2014-07-11 14:22:55 +0000
committer: miod <miod@openbsd.org> 2014-07-11 14:22:55 +0000
commit: 030ec314a4f2e3d992837f55781a496dab38f735 (patch)
tree: b92f32bfeab7456fb7c82ad46142c7d140789c3f /lib/libssl/src
parent: In EVP_PBE_alg_add don't use the underlying NID for the cipher (diff)
download: wireguard-openbsd-030ec314a4f2e3d992837f55781a496dab38f735.tar.xz
wireguard-openbsd-030ec314a4f2e3d992837f55781a496dab38f735.zip
1 files changed, 8 insertions, 5 deletions
diff --git a/lib/libssl/src/crypto/asn1/asn1_lib.c b/lib/libssl/src/crypto/asn1/asn1_lib.c
index b5f3f78b940..d851339753e 100644
--- a/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ b/lib/libssl/src/crypto/asn1/asn1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_lib.c,v 1.30 2014/07/11 08:44:47 jsing Exp $ */
+/* $OpenBSD: asn1_lib.c,v 1.31 2014/07/11 14:22:55 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -174,15 +174,18 @@ asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max)
 		*inf = 0;
 		i= *p & 0x7f;
 		if (*(p++) & 0x80) {
+			if (max < (int)i)
+				return (0);
+			/* skip leading zeroes */
+			while (i && *p == 0) {
+				p++;
+				i--;
+			}
 			if (i > sizeof(long))
 				return 0;
-			if (max-- == 0)
-				return (0);
 			while (i-- > 0) {
 				ret <<= 8L;
 				ret |= *(p++);
-				if (max-- == 0)
-					return (0);
 			}
 		} else
 			ret = i;
author	miod <miod@openbsd.org>	2014-07-11 14:22:55 +0000
committer	miod <miod@openbsd.org>	2014-07-11 14:22:55 +0000
commit	030ec314a4f2e3d992837f55781a496dab38f735 (patch)
tree	b92f32bfeab7456fb7c82ad46142c7d140789c3f /lib/libssl/src
parent	In EVP_PBE_alg_add don't use the underlying NID for the cipher (diff)
download	wireguard-openbsd-030ec314a4f2e3d992837f55781a496dab38f735.tar.xz wireguard-openbsd-030ec314a4f2e3d992837f55781a496dab38f735.zip