giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

asn1: Do not accept non-minimal encoding of OBJECT IDs

This commit is contained in:
Jakub Jelen 2019-11-06 13:05:22 +01:00
parent 37c8c46623
commit 2c913155a2
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/libopensc/asn1.c
View File

@ -843,6 +843,12 @@ sc_asn1_decode_object_id(const u8 *inbuf, size_t inlen, struct sc_object_id *id)
while (inlen) {
if (!large_second_octet)
p++;
/* This signalizes empty most significant bits, which means
* the unsigned integer encoding is not minimal */
if (*p == 0x80) {
sc_init_oid(id);
return SC_ERROR_INVALID_ASN1_OBJECT;
}
/* Use unsigned type here so we can process the whole INT range.
* Values can not be negative */
a = *p & 0x7F;