oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

asn1: Fix alignment issue in templating open types

Browse Source 
And a stray ^a increment of a 0 into a 1.

Found with AFL.
This commit is contained in:
Nicolas Williams
2021-03-05 15:52:30 -06:00
parent 2035efe765
commit 4c261911fa
1 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
lib/asn1/template.c
View File

@@ -1301,8 +1301,12 @@ _asn1_encode_open_type(const struct asn1_template *t,
} else { } else {
struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len)); struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len));
while (sizeof(void *) != sizeof(unsigned int) &&
((uintptr_t)os) % sizeof(void *) != 0)
os = (void *)(((char *)os) + sizeof(unsigned int));
lenp = DPO(data, topentype->offset); lenp = DPO(data, topentype->offset);
if (*lenp == len && os[0]->length && os[1]->data) if (*lenp == len && os[0]->length && os[0]->data)
return 0; return 0;
} }
@@ -1883,8 +1887,12 @@ _asn1_length_open_type(const struct asn1_template *tbase,
} else { } else {
struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len)); struct heim_base_data **os = DPO(data, topentype->offset + sizeof(len));
while (sizeof(void *) != sizeof(unsigned int) &&
((uintptr_t)os) % sizeof(void *) != 0)
os = (void *)(((char *)os) + sizeof(unsigned int));
lenp = DPOC(data, topentype->offset); lenp = DPOC(data, topentype->offset);
if (*lenp == len && os[0]->length && os[1]->data) if (*lenp == len && os[0]->length && os[0]->data)
return 0; return 0;
} }