diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2020-06-10 23:16:13 +0800 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2020-06-10 23:16:13 +0800 |
| commit | 4b305c5721f68e39320ca2e15b03a411da2305f1 (patch) | |
| tree | 5b1698939cf893223f14cec77ed446f28a7d921a /libtomcrypt/src/pk/asn1 | |
| parent | 615885be01188e433cf931e2f7f85394fdc31c5d (diff) | |
Merge libtomcrypt v1.18.2
Diffstat (limited to 'libtomcrypt/src/pk/asn1')
| -rw-r--r-- | libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c | 15 | ||||
| -rw-r--r-- | libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c | 2 |
2 files changed, 14 insertions, 3 deletions
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c index 142ef95..cb93e8f 100644 --- a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c +++ b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c @@ -79,8 +79,8 @@ static int _new_element(ltc_asn1_list **l) */ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out) { - ltc_asn1_list *l; - unsigned long err, type, len, totlen, data_offset; + ltc_asn1_list *l, *t; + unsigned long err, type, len, totlen, data_offset, len_len; void *realloc_tmp; LTC_ARGCHK(in != NULL); @@ -407,6 +407,17 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc l->child->parent = l; } + t = l; + len_len = 0; + while((t != NULL) && (t->child != NULL)) { + len_len++; + t = t->child; + } + if (len_len > LTC_DER_MAX_RECURSION) { + err = CRYPT_ERROR; + goto error; + } + break; case 0x80: /* Context-specific */ diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c index 6826181..d2d0811 100644 --- a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c +++ b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c @@ -80,7 +80,7 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in } if ((alg_id[0].size != oid.OIDlen) || - XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) { + XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0])) != 0) { /* OID mismatch */ err = CRYPT_PK_INVALID_TYPE; goto LBL_ERR; |