* ext/openssl/ossl_asn1.c (ossl_asn1_decode0): OpenSSL::ASN1.decode

should reject indefinite length primitive encodings as that is
          illegal. Patch by Martin Bosslet. See #4324.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30656 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nahi 2011-01-26 08:17:01 +00:00
Родитель 12893215b5
Коммит 0522ffd51f
3 изменённых файлов: 19 добавлений и 0 удалений

Просмотреть файл

@ -1,3 +1,9 @@
Wed Jan 26 17:08:59 2011 NAKAMURA, Hiroshi <nahi@ruby-lang.org>
* ext/openssl/ossl_asn1.c (ossl_asn1_decode0): OpenSSL::ASN1.decode
should reject indefinite length primitive encodings as that is
illegal. Patch by Martin Bosslet. See #4324.
Wed Jan 26 10:36:28 2011 NARUSE, Yui <naruse@ruby-lang.org>
* string.c (=~): documentation fix; the return value is nil when

Просмотреть файл

@ -772,6 +772,9 @@ ossl_asn1_decode0(unsigned char **pp, long length, long *offset, long depth,
else value = ossl_asn1_decode0(&p, len, &off, depth+1, 0, yield);
}
else{
if ((j & 0x01) && (len == 0)) {
ossl_raise(eASN1Error, "Infinite length for primitive value");
}
value = rb_str_new((const char *)p, len);
p += len;
off += len;

Просмотреть файл

@ -430,4 +430,14 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
end
end
def test_primitive_inf_length
assert_raises(OpenSSL::ASN1::ASN1Error) do
spec = %w{ 02 80 02 01 01 00 00 }
raw = [spec.join('')].pack('H*')
OpenSSL::ASN1.decode(raw)
OpenSSL::ASN1.decode_all(raw)
end
end
end if defined?(OpenSSL)