oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Check for truncated integers: the encoded length may be greater than

Browse Source 
the data buffer.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11339 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Jacques A. Vidrine
2002-09-03 16:21:49 +00:00
parent c2a12cf859
commit 9cb7b201a4
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/asn1/der_get.c
View File

@@ -252,6 +252,8 @@ decode_integer (const unsigned char *p, size_t len,
p += l; p += l;
len -= l; len -= l;
ret += l; ret += l;
if (reallen > len)
return ASN1_OVERRUN;
e = der_get_int (p, reallen, num, &l); e = der_get_int (p, reallen, num, &l);
if (e) return e; if (e) return e;
p += l; p += l;
@@ -279,6 +281,8 @@ decode_unsigned (const unsigned char *p, size_t len,
p += l; p += l;
len -= l; len -= l;
ret += l; ret += l;
if (reallen > len)
return ASN1_OVERRUN;
e = der_get_unsigned (p, reallen, num, &l); e = der_get_unsigned (p, reallen, num, &l);
if (e) return e; if (e) return e;
p += l; p += l;