Do not return illegal values in asn1_get_bit_der().

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2014-05-16 22:10:08 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2014-05-16 22:10:08 +0200
commit: 1c3ccb3e040bf13e342ee60bc23b21b97b11923f (patch)
tree: aa86d6f1dd5984540c0291dd17da0af96ebbdcda /lib
parent: 8596690b7885520d8d0b864e53cf94cc4051360a (diff)
download: libtasn1-1c3ccb3e040bf13e342ee60bc23b21b97b11923f.tar.gz
libtasn1-1c3ccb3e040bf13e342ee60bc23b21b97b11923f.tar.bz2
libtasn1-1c3ccb3e040bf13e342ee60bc23b21b97b11923f.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/decoding.c b/lib/decoding.c
index 7e0ed05..894be79 100644
--- a/lib/decoding.c
+++ b/lib/decoding.c
@@ -249,7 +249,7 @@ asn1_get_octet_der (const unsigned char *der, int der_len,
 		    int *ret_len, unsigned char *str, int str_size,
 		    int *str_len)
 {
-  int len_len;
+  int len_len = 0;
 
   if (der_len <= 0)
     return ASN1_GENERIC_ERROR;
@@ -371,7 +371,7 @@ asn1_get_bit_der (const unsigned char *der, int der_len,
 		  int *ret_len, unsigned char *str, int str_size,
 		  int *bit_len)
 {
-  int len_len, len_byte;
+  int len_len = 0, len_byte;
 
   if (der_len <= 0)
     return ASN1_GENERIC_ERROR;
@@ -381,6 +381,9 @@ asn1_get_bit_der (const unsigned char *der, int der_len,
 
   *ret_len = len_byte + len_len + 1;
   *bit_len = len_byte * 8 - der[len_len];
+  
+  if (*bit_len <= 0)
+    return ASN1_DER_ERROR;
 
   if (str_size >= len_byte)
     memcpy (str, der + len_len + 1, len_byte);
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2014-05-16 22:10:08 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2014-05-16 22:10:08 +0200
commit	1c3ccb3e040bf13e342ee60bc23b21b97b11923f (patch)
tree	aa86d6f1dd5984540c0291dd17da0af96ebbdcda /lib
parent	8596690b7885520d8d0b864e53cf94cc4051360a (diff)
download	libtasn1-1c3ccb3e040bf13e342ee60bc23b21b97b11923f.tar.gz libtasn1-1c3ccb3e040bf13e342ee60bc23b21b97b11923f.tar.bz2 libtasn1-1c3ccb3e040bf13e342ee60bc23b21b97b11923f.zip