diff options
author | RĂ©mi Verschelde <rverschelde@gmail.com> | 2017-05-27 19:51:04 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-05-27 19:51:04 +0200 |
commit | 1525071c28535816b98784f2ad62f9d5ef333654 (patch) | |
tree | 3502be2b2ae57c73fa21bd7b4a20dc02aab3aa06 /thirdparty/openssl/crypto/asn1/tasn_enc.c | |
parent | ce8bf1592abfb0e9382d437fc453d0ffd500e076 (diff) | |
parent | 67305d1b0a6dbcdb032d5a5a0e92122cf8f10b8d (diff) |
Merge pull request #8960 from akien-mga/openssl-1.0.2l
OpenSSL: Cleanup and document update process from upstream sources + 1.0.2l
Diffstat (limited to 'thirdparty/openssl/crypto/asn1/tasn_enc.c')
-rw-r--r-- | thirdparty/openssl/crypto/asn1/tasn_enc.c | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/thirdparty/openssl/crypto/asn1/tasn_enc.c b/thirdparty/openssl/crypto/asn1/tasn_enc.c index f7f83e56a9..081a9d534f 100644 --- a/thirdparty/openssl/crypto/asn1/tasn_enc.c +++ b/thirdparty/openssl/crypto/asn1/tasn_enc.c @@ -59,6 +59,7 @@ #include <stddef.h> #include <string.h> +#include <limits.h> #include "cryptlib.h" #include <openssl/asn1.h> #include <openssl/asn1t.h> @@ -216,17 +217,19 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) { const ASN1_TEMPLATE *seqtt; ASN1_VALUE **pseqval; + int tmplen; seqtt = asn1_do_adb(pval, tt, 1); if (!seqtt) return 0; pseqval = asn1_get_field_ptr(pval, seqtt); - /* FIXME: check for errors in enhanced version */ - seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt, - -1, aclass); + tmplen = asn1_template_ex_i2d(pseqval, NULL, seqtt, -1, aclass); + if (tmplen == -1 || (tmplen > INT_MAX - seqcontlen)) + return -1; + seqcontlen += tmplen; } seqlen = ASN1_object_size(ndef, seqcontlen, tag); - if (!out) + if (!out || seqlen == -1) return seqlen; /* Output SEQUENCE header */ ASN1_put_object(out, ndef, seqcontlen, tag, aclass); @@ -339,19 +342,24 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, /* Determine total length of items */ skcontlen = 0; for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + int tmplen; skitem = sk_ASN1_VALUE_value(sk, i); - skcontlen += ASN1_item_ex_i2d(&skitem, NULL, - ASN1_ITEM_ptr(tt->item), - -1, iclass); + tmplen = ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), + -1, iclass); + if (tmplen == -1 || (skcontlen > INT_MAX - tmplen)) + return -1; + skcontlen += tmplen; } sklen = ASN1_object_size(ndef, skcontlen, sktag); + if (sklen == -1) + return -1; /* If EXPLICIT need length of surrounding tag */ if (flags & ASN1_TFLG_EXPTAG) ret = ASN1_object_size(ndef, sklen, ttag); else ret = sklen; - if (!out) + if (!out || ret == -1) return ret; /* Now encode this lot... */ @@ -380,7 +388,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out, return 0; /* Find length of EXPLICIT tag */ ret = ASN1_object_size(ndef, i, ttag); - if (out) { + if (out && ret != -1) { /* Output tag and item */ ASN1_put_object(out, ndef, i, ttag, tclass); ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, iclass); |