ASN1 sanity check.

author Dr. Stephen Henson <steve@openssl.org>

Tue, 1 Jul 2014 23:57:57 +0000 (00:57 +0100)

committer Dr. Stephen Henson <steve@openssl.org>

Tue, 1 Jul 2014 23:59:26 +0000 (00:59 +0100)
author Dr. Stephen Henson <steve@openssl.org>
Tue, 1 Jul 2014 23:57:57 +0000 (00:57 +0100)
committer Dr. Stephen Henson <steve@openssl.org>
Tue, 1 Jul 2014 23:59:26 +0000 (00:59 +0100)
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c

index 74ca7d4fa3786600b26ee1b531fd4a13be148d69..f1360ed7357dff33a4ad33fc903dfa5d56391b41 100644 (file)
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
         *pclass=xclass;
         if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
  
+       if (inf && !(ret & V_ASN1_CONSTRUCTED))
+               goto err;
+
  #if 0
         fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d  (%d > %d)\n", 
                 (int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
author	Dr. Stephen Henson <steve@openssl.org>
	Tue, 1 Jul 2014 23:57:57 +0000 (00:57 +0100)
committer	Dr. Stephen Henson <steve@openssl.org>
	Tue, 1 Jul 2014 23:59:26 +0000 (00:59 +0100)