ASN1 sanity check.

author Dr. Stephen Henson <steve@openssl.org>

Tue, 1 Jul 2014 23:57:57 +0000 (00:57 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Wed, 2 Jul 2014 00:01:41 +0000 (01:01 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Tue, 1 Jul 2014 23:57:57 +0000 (00:57 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Wed, 2 Jul 2014 00:01:41 +0000 (01:01 +0100)
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c

index 1bcb44aee203637ec70a60fe616588696bac32ac..fa04b08ed6e4bb631960753874d1fb7a8ce3e564 100644 (file)
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
         *pclass=xclass;
         if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
  
+       if (inf && !(ret & V_ASN1_CONSTRUCTED))
+               goto err;
+
  #if 0
         fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d  (%d > %d)\n", 
                 (int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 1 Jul 2014 23:57:57 +0000 (00:57 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Wed, 2 Jul 2014 00:01:41 +0000 (01:01 +0100)