X-Git-Url: https://git.openssl.org/gitweb/?a=blobdiff_plain;f=crypto%2Fasn1%2Ftasn_dec.c;h=0604c51eca38bde9f912d7217d79b447cdb80253;hb=5e4430e70df0020f5f1517249851696cb9ac4ad2;hp=39a9d5a9aab472959d46cda1f1bd06317513b39a;hpb=e1cc0671ac5814b71867abde28ec03bca51df171;p=openssl.git diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 39a9d5a9aa..0604c51eca 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -3,7 +3,7 @@ * project 2000. */ /* ==================================================================== - * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -93,12 +93,12 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, int tag, int aclass, char opt, ASN1_TLC *ctx); /* Table to convert tags to bit values, used for MSTRING type */ -static unsigned long tag2bit[32] = { +static const unsigned long tag2bit[32] = { 0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ -0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ +B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */ B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */ B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */ @@ -114,6 +114,8 @@ unsigned long ASN1_tag2bit(int tag) /* Macro to initialize and invalidate the cache */ #define asn1_tlc_clear(c) if (c) (c)->valid = 0 +/* Version to avoid compiler warning about 'c' always non-NULL */ +#define asn1_tlc_clear_nc(c) (c)->valid = 0 /* Decode an ASN1 item, this currently behaves just * like a standard 'd2i' function. 'in' points to @@ -124,13 +126,14 @@ unsigned long ASN1_tag2bit(int tag) */ ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, - const unsigned char **in, long len, const ASN1_ITEM *it) + const unsigned char **in, size_t len, + const ASN1_ITEM *it) { ASN1_TLC c; ASN1_VALUE *ptmpval = NULL; if (!pval) pval = &ptmpval; - asn1_tlc_clear(&c); + asn1_tlc_clear_nc(&c); if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) return *pval; return NULL; @@ -140,7 +143,7 @@ int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt) { ASN1_TLC c; - asn1_tlc_clear(&c); + asn1_tlc_clear_nc(&c); return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); } @@ -158,7 +161,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_EXTERN_FUNCS *ef; const ASN1_AUX *aux = it->funcs; ASN1_aux_cb *asn1_cb; - const unsigned char *p, *q; + const unsigned char *p = NULL, *q; unsigned char *wp=NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */ unsigned char imphack = 0, oclass; char seq_eoc, seq_nolen, cst, isopt; @@ -283,6 +286,12 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, { wp = *(unsigned char **)in; imphack = *wp; + if (p == NULL) + { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, + ERR_R_NESTED_ASN1_ERROR); + goto err; + } *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype); } @@ -300,7 +309,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, case ASN1_ITYPE_CHOICE: - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; /* Allocate structure */ @@ -350,7 +359,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, asn1_set_choice_selector(pval, i, it); *in = p; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) goto auxerr; return 1; @@ -397,7 +406,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, goto err; } - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) goto auxerr; /* Get each field entry */ @@ -499,7 +508,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, if (!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr; *in = p; - if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL)) goto auxerr; return 1; @@ -579,7 +588,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, /* If NDEF we must have an EOC here */ if (!asn1_check_eoc(&p, len)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_MISSING_EOC); goto err; } @@ -590,7 +599,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, * an error */ if (len) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH); goto err; } @@ -649,7 +658,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, &p, len, sktag, skaclass, opt, ctx); if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); return 0; } @@ -660,11 +669,12 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, else { /* We've got a valid STACK: free up any items present */ - STACK *sktmp = (STACK *)*val; + STACK_OF(ASN1_VALUE) *sktmp + = (STACK_OF(ASN1_VALUE) *)*val; ASN1_VALUE *vtmp; - while(sk_num(sktmp) > 0) + while(sk_ASN1_VALUE_num(sktmp) > 0) { - vtmp = (ASN1_VALUE *)sk_pop(sktmp); + vtmp = sk_ASN1_VALUE_pop(sktmp); ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item)); } @@ -672,7 +682,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, if (!*val) { - ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE); goto err; } @@ -687,7 +697,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, { if (!sk_eoc) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_UNEXPECTED_EOC); goto err; } @@ -700,21 +710,22 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } len -= p - q; - if (!sk_push((STACK *)*val, (char *)skfield)) + if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, + skfield)) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE); goto err; } } if (sk_eoc) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC); goto err; } } @@ -725,7 +736,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } @@ -739,7 +750,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, -1, 0, opt, ctx); if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, + ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); goto err; } @@ -826,6 +837,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, } else if (ret == -1) return -1; + ret = 0; /* SEQUENCE, SET and "OTHER" are left in encoded form */ if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) @@ -872,7 +884,10 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, * for UNIVERSAL class and ignore the tag. */ if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) + { + free_cont = 1; goto err; + } len = buf.length; /* Append a final null to string */ if (!BUF_MEM_grow_clean(&buf, len + 1)) @@ -924,6 +939,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, if (!*pval) { typ = ASN1_TYPE_new(); + if (typ == NULL) + goto err; *pval = (ASN1_VALUE *)typ; } else @@ -932,7 +949,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, if (utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); opval = pval; - pval = (ASN1_VALUE **)&typ->value.ptr; + pval = &typ->value.asn1_value; } switch(utype) { @@ -944,7 +961,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_NULL: if (len) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_NULL_IS_WRONG_LENGTH); goto err; } @@ -954,7 +971,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, case V_ASN1_BOOLEAN: if (len != 1) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ASN1err(ASN1_F_ASN1_EX_C2I, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); goto err; } @@ -1006,7 +1023,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, stmp = ASN1_STRING_type_new(utype); if (!stmp) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE); goto err; } @@ -1030,7 +1047,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, { if (!ASN1_STRING_set(stmp, cont, len)) { - ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, + ASN1err(ASN1_F_ASN1_EX_C2I, ERR_R_MALLOC_FAILURE); ASN1_STRING_free(stmp); *pval = NULL; @@ -1159,10 +1176,15 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, /* If indefinite length constructed update max length */ if (cst) { +#ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS if (!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0; +#else + ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING); + return 0; +#endif } - else if (!collect_data(buf, &p, plen)) + else if (plen && !collect_data(buf, &p, plen)) return 0; len -= p - q; } @@ -1222,7 +1244,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, { int i; int ptag, pclass; - long plen; + size_t plen; const unsigned char *p, *q; p = *in; q = p;