From 37ead9be0b990b94ec6dbf466cdc05f53c18d442 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 8 Feb 2004 13:30:04 +0000 Subject: [PATCH] Fix handling of -offset and -length in asn1parse tool. If -offset exceeds -length of data available exit with an error. Don't read past end of total data available when -offset supplied. If -length exceeds total available truncate it. --- apps/asn1pars.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/apps/asn1pars.c b/apps/asn1pars.c index 5f8ba5e730..88db0d1978 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -333,7 +333,15 @@ bad: num=tmplen; } - if (length == 0) length=(unsigned int)num; + if (offset >= num) + { + BIO_printf(bio_err, "Error: offset too large\n"); + goto end; + } + + num -= offset; + + if ((length == 0) || (length > num)) length=(unsigned int)num; if(derout) { if(BIO_write(derout, str + offset, length) != (int)length) { BIO_printf(bio_err, "Error writing output\n"); -- 2.25.1