Fix handling of -offset and -length in asn1parse tool.

If -offset exceeds -length of data available exit with an error.

Don't read past end of total data available when -offset supplied.

If -length exceeds total available truncate it.

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 8cc13ee2d1130a0fca9108932a574c06dfc7857b..4ec6ec2741736e1c8bfe0135b276833c615d7c44 100644 (file)
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -301,7 +301,15 @@ bad:
                num=tmplen;
                }
 
-       if (length == 0) length=(unsigned int)num;
+       if (offset >= num)
+               {
+               BIO_printf(bio_err, "Error: offset too large\n");
+               goto end;
+               }
+
+       num -= offset;
+
+       if ((length == 0) || (length > num)) length=(unsigned int)num;
        if(derout) {
                if(BIO_write(derout, str + offset, length) != (int)length) {
                        BIO_printf(bio_err, "Error writing output\n");