*
*/
-#include <openssl/asn1.h>
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#include <string.h>
+#include "e_os.h"
+#include <openssl/asn1.h>
#include <openssl/ocsp.h>
#include <openssl/err.h>
#include <openssl/buffer.h>
case OHS_ASN1_HEADER:
- /* Now reading ASN1 header: can read at least 6 bytes which
- * is more than enough for any valid ASN1 SEQUENCE header
+ /* Now reading ASN1 header: can read at least 2 bytes which
+ * is enough for ASN1 SEQUENCE header and either length field
+ * or at least the length of the length field.
*/
n = BIO_get_mem_data(rctx->mem, &p);
- if (n < 6)
+ if (n < 2)
goto next_io;
/* Check it is an ASN1 SEQUENCE */
/* Check out length field */
if (*p & 0x80)
{
+ /* If MSB set on initial length octet we can now
+ * always read 6 octets: make sure we have them.
+ */
+ if (n < 6)
+ goto next_io;
n = *p & 0x7F;
/* Not NDEF or excessive length */
if (!n || (n > 4))