From: Dr. Stephen Henson <steve@openssl.org>
Date: Thu, 22 Mar 2001 13:49:15 +0000 (+0000)
Subject: Fix bug in PKCS#7 decode routines when indefinite length
X-Git-Tag: OpenSSL_0_9_6a-beta3~37
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8d82218269eb649dd6ab7b125c2155702062fe0a;p=oweals%2Fopenssl.git

Fix bug in PKCS#7 decode routines when indefinite length
encoding is used inside definite length encoding.
---

diff --git a/CHANGES b/CHANGES
index 3f0e64d90a..a3b7e529da 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.6 and 0.9.6a  [xx XXX 2001]
 
+  *) Fix PKCS#7 decode routines so they correctly update the length
+     after reading an EOC for the EXPLICIT tag.
+     [Steve Henson]
+
   *) Fix bug in PKCS#12 key generation routines. This was triggered
      if a 3DES key was generated with a 0 initial byte. Include
      PKCS12_BROKEN_KEYGEN compilation option to retain the old
diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c
index b1196ef581..7a5baff8dd 100644
--- a/crypto/asn1/p7_lib.c
+++ b/crypto/asn1/p7_lib.c
@@ -307,6 +307,7 @@ PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length)
 			}
 		if (Tinf == (1|V_ASN1_CONSTRUCTED))
 			{
+			c.q=c.p;
 			if (!ASN1_check_infinite_end(&c.p,c.slen))
 				{
 				c.error=ERR_R_MISSING_ASN1_EOS;
@@ -314,6 +315,7 @@ PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length)
 				goto err;
 				}
 			}
+			c.slen-=(c.p-c.q);
 		}
 	else
 		ret->detached=1;