From: Dr. Stephen Henson Date: Tue, 3 Dec 2002 23:50:59 +0000 (+0000) Subject: In asn1_d2i_read_bio, don't assume BIO_read will X-Git-Tag: STATE_before_zlib~31 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=2053c43de2575a0f72038b8a36146ef23c829885;p=oweals%2Fopenssl.git In asn1_d2i_read_bio, don't assume BIO_read will return the requested number of bytes when reading content. --- diff --git a/CHANGES b/CHANGES index 2d7c5b5f50..ce2c1264a9 100644 --- a/CHANGES +++ b/CHANGES @@ -335,6 +335,11 @@ TODO: bug: pad x with leading zeros if necessary Changes between 0.9.6h and 0.9.7 [XX xxx 2002] + *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content + octets have been read, EOF or an error occurs. Without this change + some truncated ASN1 structures will not produce an error. + [Steve Henson] + *) Disable Heimdal support, since it hasn't been fully implemented. Still give the possibility to force the use of Heimdal, but with warnings and a request that patches get sent to openssl-dev. diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c index 71b4a28611..cfb56ae265 100644 --- a/crypto/asn1/a_d2i_fp.c +++ b/crypto/asn1/a_d2i_fp.c @@ -226,13 +226,18 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); goto err; } - i=BIO_read(in,&(b->data[len]),want); - if (i <= 0) + while (want > 0) { - ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); - goto err; + i=BIO_read(in,&(b->data[len]),want); + if (i <= 0) + { + ASN1err(ASN1_F_ASN1_D2I_BIO, + ASN1_R_NOT_ENOUGH_DATA); + goto err; + } + len+=i; + want -= i; } - len+=i; } off+=(int)c.slen; if (eos <= 0)