From c1814571bd09440e09b7c32285367d580d65650a Mon Sep 17 00:00:00 2001
From: Jakub Jelen
Date: Thu, 24 Oct 2019 11:25:30 +0200
Subject: [PATCH] asn1: Avoid invalid unused bits values

---
 src/libopensc/asn1.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/libopensc/asn1.c b/src/libopensc/asn1.c
index b9e38ead..0df8663b 100644
--- a/src/libopensc/asn1.c
+++ b/src/libopensc/asn1.c
@@ -577,6 +577,9 @@ static int decode_bit_string(const u8 * inbuf, size_t inlen, void *outbuf,
 
 if (inlen < 1)
 return SC_ERROR_INVALID_ASN1_OBJECT;
+ /* ITU-T Rec. X.690 8.6.2.2: The number shall be in the range zero to seven. */
+ if ((*in & ~0x07) != 0)
+ return SC_ERROR_INVALID_ASN1_OBJECT;
 memset(outbuf, 0, outlen);
 zero_bits = *in & 0x07;
 in++;
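Review bot: The added range check still accepts a one-octet BIT STRING whose unused-bits octet is 1 to 7 (`inlen == 1` with `*in != 0`), which X.690 8.6.2.3 forbids: an empty bit string must carry an initial octet of zero. A sibling guard placed next to the new one, `if (inlen == 1 && *in != 0) return SC_ERROR_INVALID_ASN1_OBJECT;`, would reject that encoding before `zero_bits` is consumed. The rest of decode_bit_string lies outside this hunk, so how the later bit arithmetic behaves when `zero_bits` is non-zero and no data octets follow cannot be confirmed from here. Separately, once the new check has passed, the mask in `zero_bits = *in & 0x07;` is redundant; either drop it or keep it with a short comment saying it is deliberate defence in depth.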