diff options
| author | Emilia Kasper <emilia@openssl.org> | 2014-08-25 12:38:16 +0200 |
|---|---|---|
| committer | Janusz Kozerski <j.kozerski@samsung.com> | 2014-10-20 15:25:35 +0200 |
| commit | 67e9178609299f192aa683a8a55dcfb6992e3fc0 (patch) | |
| tree | 830f0fcafecf0632227f5075e877a109d983b50c | |
| parent | a1078088f6af8c688f725556bf211ecedba789c6 (diff) | |
| download | openssl-67e9178609299f192aa683a8a55dcfb6992e3fc0.tar.gz openssl-67e9178609299f192aa683a8a55dcfb6992e3fc0.tar.bz2 openssl-67e9178609299f192aa683a8a55dcfb6992e3fc0.zip | |
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 82dc08de54ce443c2a9ac478faffe79e76157795)
| -rw-r--r-- | crypto/ec/ec_asn1.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 26d6360..52d31c2 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -1195,14 +1195,20 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) if (priv_key->publicKey) { const unsigned char *pub_oct; - size_t pub_oct_len; + int pub_oct_len; pub_oct = M_ASN1_STRING_data(priv_key->publicKey); pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); - /* save the point conversion form */ + /* The first byte - point conversion form - must be present. */ + if (pub_oct_len <= 0) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL); + goto err; + } + /* Save the point conversion form. */ ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); if (!EC_POINT_oct2point(ret->group, ret->pub_key, - pub_oct, pub_oct_len, NULL)) + pub_oct, (size_t)(pub_oct_len), NULL)) { ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); goto err; |