Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
大约 1 年 前同步成功

通知 9
Star 18
Fork 1
T
Third Party Openssl

体验新版 GitCode,发现更多精彩内容 >>

提交 e9f17097 编写于 作者: D Dr. Stephen Henson
浏览文件
操作

Check for overflows in ASN1_object_size(). 

Reviewed-by: NRichard Levitte <levitte@openssl.org>
上级 f37c159a
显示空白变更内容
内联 并排
Showing with 16 addition and 12 deletion
crypto/asn1/asn1_lib.c
浏览文件 @ e9f17097
...@@ -206,26 +206,30 @@ static void asn1_put_length(unsigned char **pp, int length) ...@@ -206,26 +206,30 @@ static void asn1_put_length(unsigned char **pp, int length)
int ASN1_object_size(int constructed, int length, int tag) int ASN1_object_size(int constructed, int length, int tag)
{ {
int ret; int ret = 1;
if (length < 0)
ret = length; return -1;
ret++;
if (tag >= 31) { if (tag >= 31) {
while (tag > 0) { while (tag > 0) {
tag >>= 7; tag >>= 7;
ret++; ret++;
} }
} }
if (constructed == 2) if (constructed == 2) {
return ret + 3; ret += 3;
} else {
ret++; ret++;
if (length > 127) { if (length > 127) {
while (length > 0) { int tmplen = length;
length >>= 8; while (tmplen > 0) {
tmplen >>= 8;
ret++; ret++;
} }
} }
return (ret); }
if (ret >= INT_MAX - length)
return -1;
return ret + length;
} }
int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册