Handle BER length encoding.

author Dr. Stephen Henson <steve@openssl.org>

Sat, 28 Jun 2014 13:04:36 +0000 (14:04 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Sat, 28 Jun 2014 23:07:08 +0000 (00:07 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Sat, 28 Jun 2014 13:04:36 +0000 (14:04 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Sat, 28 Jun 2014 23:07:08 +0000 (00:07 +0100)
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c

index 1bcb44aee203637ec70a60fe616588696bac32ac..74ca7d4fa3786600b26ee1b531fd4a13be148d69 100644 (file)
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -170,14 +170,20 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max
                 i= *p&0x7f;
                 if (*(p++) & 0x80)
                         {
+                       if (max < (int)i)
+                               return 0;
+                       /* Skip leading zeroes */
+                       while (i && *p == 0)
+                               {
+                               p++;
+                               i--;
+                               }
                         if (i > sizeof(long))
                                 return 0;
-                       if (max-- == 0) return(0);
                         while (i-- > 0)
                                 {
                                 ret<<=8L;
                                 ret|= *(p++);
-                               if (max-- == 0) return(0);
                                 }
                         }
                 else
author	Dr. Stephen Henson <steve@openssl.org>
	Sat, 28 Jun 2014 13:04:36 +0000 (14:04 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Sat, 28 Jun 2014 23:07:08 +0000 (00:07 +0100)