Trap an invalid ASN1_ITEM construction and print out
authorDr. Stephen Henson <steve@openssl.org>
Sun, 25 Feb 2001 14:11:31 +0000 (14:11 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Sun, 25 Feb 2001 14:11:31 +0000 (14:11 +0000)
the errant field for more ASN1 error conditions.

crypto/asn1/asn1.h
crypto/asn1/asn1_err.c
crypto/asn1/tasn_dec.c

index a79ad0d..a3b992f 100644 (file)
@@ -1083,6 +1083,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
 #define ASN1_R_ILLEGAL_CHARACTERS                       124
 #define ASN1_R_ILLEGAL_NULL                             125
 #define ASN1_R_ILLEGAL_OPTIONAL_ANY                     126
+#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE                 170
 #define ASN1_R_ILLEGAL_TAGGED_ANY                       127
 #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG               128
 #define ASN1_R_INVALID_BMPSTRING_LENGTH                         129
index 9587394..591f55d 100644 (file)
@@ -172,6 +172,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
 {ASN1_R_ILLEGAL_CHARACTERS               ,"illegal characters"},
 {ASN1_R_ILLEGAL_NULL                     ,"illegal null"},
 {ASN1_R_ILLEGAL_OPTIONAL_ANY             ,"illegal optional any"},
+{ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ,"illegal options on item template"},
 {ASN1_R_ILLEGAL_TAGGED_ANY               ,"illegal tagged any"},
 {ASN1_R_INTEGER_TOO_LARGE_FOR_LONG       ,"integer too large for long"},
 {ASN1_R_INVALID_BMPSTRING_LENGTH         ,"invalid bmpstring length"},
index ab6f942..3c77f38 100644 (file)
@@ -132,8 +132,18 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1
        switch(it->itype) {
 
                case ASN1_ITYPE_PRIMITIVE:
-               if(it->templates)
+               if(it->templates) {
+                       /* tagging or OPTIONAL is currently illegal on an item template
+                        * because the flags can't get passed down. In practice this isn't
+                        * a problem: we include the relevant flags from the item template
+                        * in the template itself.
+                        */
+                       if ((tag != -1) || opt) {
+                               ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
+                               goto err;
+                       }
                        return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx);
+               }
                return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx);
                break;
 
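Review bot: After the new guard `if ((tag != -1) || opt)`, the `asn1_template_ex_d2i(...)` call can only be reached with `opt` equal to zero, so passing `opt` there hides the invariant; `return asn1_template_ex_d2i(pval, in, len, it->templates, 0, ctx);` would state it outright. The comment should also say that this condition is a mistake in the ASN1_ITEM definition rather than in the encoded input, for example `/* This is an error in the ASN1_ITEM definition, not in the data being decoded. */`. As far as this hunk shows, `tag` and `opt` come from the caller and not from the bytes being parsed, so without that wording someone triaging ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE could mistake it for malformed input. The `err` label that the new `goto` targets is outside the hunk, so what it releases or reports on this path cannot be checked from here.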
@@ -232,21 +242,21 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1
                        /* Otherwise must be an ASN1 parsing error */
                        errtt = tt;
                        ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-                       return 0;
+                       goto err;
                }
                /* Did we fall off the end without reading anything? */
                if(i == it->tcount) {
                        /* If OPTIONAL, this is OK */
                        if(opt) return -1;
                        ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
-                       return 0;
+                       goto err;
                }
                /* Otherwise we got a match, allocate structure and populate it */
                if(!*pval) {
                        if(!ASN1_item_ex_new(pval, it)) {
                                errtt = tt;
                                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-                               return 0;
+                               goto err;
                        }
                }
                pchptr = asn1_get_field_ptr(pval, tt);
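Review bot: The no-match path that raises `ASN1_R_NO_MATCHING_CHOICE_TYPE` now jumps to `err` without assigning `errtt`, unlike the two neighbouring paths that set `errtt = tt` first. Whatever field the label reports on this path therefore depends on the value `errtt` already holds. Its declaration and the `err` label are both outside this hunk; if `errtt` is not initialised to NULL where it is declared, this path would read an indeterminate pointer. A short comment before the `goto`, such as `/* errtt stays unset: no single template is at fault */`, would make the intent explicit. The `if(opt) return -1;` just above still returns directly, which looks intentional because an absent OPTIONAL is not an error.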