From: Dr. Stephen Henson <steve@openssl.org>
Date: Sun, 8 Feb 2004 13:31:06 +0000 (+0000)
Subject: Fix handling of -offset and -length in asn1parse tool.
X-Git-Tag: OpenSSL_0_9_6m~4
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=fcc7c0a7bf8214f5338d0543d1ad4c992d5e9da1;p=oweals%2Fopenssl.git

Fix handling of -offset and -length in asn1parse tool.

If -offset exceeds -length of data available exit with an error.

Don't read past end of total data available when -offset supplied.

If -length exceeds total available truncate it.
---

diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 8cc13ee2d1..4ec6ec2741 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -301,7 +301,15 @@ bad:
 		num=tmplen;
 		}
 
-	if (length == 0) length=(unsigned int)num;
+	if (offset >= num)
+		{
+		BIO_printf(bio_err, "Error: offset too large\n");
+		goto end;
+		}
+
+	num -= offset;
+
+	if ((length == 0) || (length > num)) length=(unsigned int)num;
 	if(derout) {
 		if(BIO_write(derout, str + offset, length) != (int)length) {
 			BIO_printf(bio_err, "Error writing output\n");