Fix handling of -offset and -length in asn1parse tool.

If -offset exceeds -length of data available exit with an error.

Don't read past end of total data available when -offset supplied.

If -length exceeds total available truncate it.

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 5f8ba5e730337468e78466548928e585b536040d..88db0d197835255536554b7f3e35e844310e49a3 100644 (file)
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -333,7 +333,15 @@ bad:
                num=tmplen;
                }
 
-       if (length == 0) length=(unsigned int)num;
+       if (offset >= num)
+               {
+               BIO_printf(bio_err, "Error: offset too large\n");
+               goto end;
+               }
+
+       num -= offset;
+
+       if ((length == 0) || (length > num)) length=(unsigned int)num;
        if(derout) {
                if(BIO_write(derout, str + offset, length) != (int)length) {
                        BIO_printf(bio_err, "Error writing output\n");