From fcc7c0a7bf8214f5338d0543d1ad4c992d5e9da1 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sun, 8 Feb 2004 13:31:06 +0000 Subject: [PATCH] Fix handling of -offset and -length in asn1parse tool. If -offset exceeds -length of data available exit with an error. Don't read past end of total data available when -offset supplied. If -length exceeds total available truncate it. --- apps/asn1pars.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/apps/asn1pars.c b/apps/asn1pars.c index 8cc13ee2d1..4ec6ec2741 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -301,7 +301,15 @@ bad: num=tmplen; } - if (length == 0) length=(unsigned int)num; + if (offset >= num) + { + BIO_printf(bio_err, "Error: offset too large\n"); + goto end; + } + + num -= offset; + + if ((length == 0) || (length > num)) length=(unsigned int)num; if(derout) { if(BIO_write(derout, str + offset, length) != (int)length) { BIO_printf(bio_err, "Error writing output\n"); -- 2.25.1