generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

The OID sanity check was incorrect. It should only disallow *leading* 0x80

Browse Source 
values.
This commit is contained in:
Dr. Stephen Henson
2010-03-07 16:40:31 +00:00
parent 9a542ea01d
commit 5e8e7054f7
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/asn1/a_object.c
View File

@@ -291,12 +291,12 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
ASN1_OBJECT *ret=NULL;
const unsigned char *p;
int i;
/* Sanity check OID encoding: can't have 0x80 in subidentifiers, see:
* X.690 8.19.2
/* Sanity check OID encoding: can't have leading 0x80 in
* subidentifiers, see: X.690 8.19.2
*/
for (i = 0, p = *pp + 1; i < len - 1; i++, p++)
{
if (*p == 0x80)
if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
{
ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
return NULL;