In asn1_d2i_read_bio, don't assume BIO_read will

author Dr. Stephen Henson <steve@openssl.org>

Tue, 3 Dec 2002 23:50:59 +0000 (23:50 +0000)

committer Dr. Stephen Henson <steve@openssl.org>

Tue, 3 Dec 2002 23:50:59 +0000 (23:50 +0000)
author Dr. Stephen Henson <steve@openssl.org>
Tue, 3 Dec 2002 23:50:59 +0000 (23:50 +0000)
committer Dr. Stephen Henson <steve@openssl.org>
Tue, 3 Dec 2002 23:50:59 +0000 (23:50 +0000)
diff --git a/CHANGES b/CHANGES

index 2d7c5b5f5082729c3958ea7f360fce27b14375cc..ce2c1264a9681bda626212049ad76585239c5fa2 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -335,6 +335,11 @@ TODO: bug: pad  x  with leading zeros if necessary
   
   Changes between 0.9.6h and 0.9.7  [XX xxx 2002]
  
+  *) In asn1_d2i_read_bio() repeatedly call BIO_read() until all content
+     octets have been read, EOF or an error occurs. Without this change
+     some truncated ASN1 structures will not produce an error.
+     [Steve Henson]
+
    *) Disable Heimdal support, since it hasn't been fully implemented.
       Still give the possibility to force the use of Heimdal, but with
       warnings and a request that patches get sent to openssl-dev.
diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c

index 71b4a286113e45ff9fb8a4a0fa87677da4aa1113..cfb56ae265a46279142ec10994c9fabba59b276d 100644 (file)
--- a/crypto/asn1/a_d2i_fp.c
+++ b/crypto/asn1/a_d2i_fp.c
@@ -226,13 +226,18 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
                                         ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
                                         goto err;
                                         }
-                               i=BIO_read(in,&(b->data[len]),want);
-                               if (i <= 0)
+                               while (want > 0)
                                         {
-                                       ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
-                                       goto err;
+                                       i=BIO_read(in,&(b->data[len]),want);
+                                       if (i <= 0)
+                                               {
+                                               ASN1err(ASN1_F_ASN1_D2I_BIO,
+                                                   ASN1_R_NOT_ENOUGH_DATA);
+                                               goto err;
+                                               }
+                                       len+=i;
+                                       want -= i;
                                         }
-                               len+=i;
                                 }
                         off+=(int)c.slen;
                         if (eos <= 0)
author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 3 Dec 2002 23:50:59 +0000 (23:50 +0000)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 3 Dec 2002 23:50:59 +0000 (23:50 +0000)
CHANGES		patch \| blob \| history
crypto/asn1/a_d2i_fp.c		patch \| blob \| history