[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU libtasn1 branch, master, updated. libtasn1_4_1-3-ge91cb99
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU libtasn1 branch, master, updated. libtasn1_4_1-3-ge91cb99 |
|
Date: |
Fri, 29 Aug 2014 15:24:48 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU libtasn1".
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=e91cb99ce0b2e01b0ea1ec9e57415f0e2064560c
The branch, master has been updated
via e91cb99ce0b2e01b0ea1ec9e57415f0e2064560c (commit)
via 39fe038987321079016f9ace2beac13758523d8c (commit)
via 564ca04592ad5604fe5c7344ec9e62bc04879ef7 (commit)
from 0d3ab4992fcc0798c48b686b9abc68d058feb2b9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e91cb99ce0b2e01b0ea1ec9e57415f0e2064560c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Aug 29 17:24:41 2014 +0200
doc update
commit 39fe038987321079016f9ace2beac13758523d8c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Aug 29 16:35:43 2014 +0200
updated todo
commit 564ca04592ad5604fe5c7344ec9e62bc04879ef7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Fri Aug 29 16:34:39 2014 +0200
perform sanity checks in Time field
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +++
doc/TODO | 4 ++--
lib/decoding.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++----
3 files changed, 56 insertions(+), 6 deletions(-)
diff --git a/NEWS b/NEWS
index 49a0929..c4ad461 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,8 @@
GNU Libtasn1 NEWS -*- outline -*-
+* Noteworthy changes in release 4.2 (unreleased) [stable]
+- Added sanity checks in the decoding of time
+
* Noteworthy changes in release 4.1 (released 2014-08-23) [stable]
- Corrected indefinite tag check in ANY constructions. That allows
the decoding of BER-encoded structures that contain indefinite
diff --git a/doc/TODO b/doc/TODO
index cf2b029..58abcd2 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -4,8 +4,8 @@ in order to avoid having people working on the same thing.
Current list:
+ Audit the code
-+ Eliminate the need for ltostr() and its reverse
-+ C structure generation instead of a single array
+* Allow extracting the time in a reasonable format (e.g. time_t)
+* C structure generation instead of a single array
- Add the checking of default value (e.g. 'INTEGER DEFAULT v1')
- Check _asn1_objectid_der, crashes on "0" input, gives incorrect encoding?
diff --git a/lib/decoding.c b/lib/decoding.c
index fd6ef5b..9622fda 100644
--- a/lib/decoding.c
+++ b/lib/decoding.c
@@ -276,12 +276,17 @@ asn1_get_octet_der (const unsigned char *der, int der_len,
}
/* Returns ASN1_SUCCESS on success or an error code on error.
+ * type should be one of ASN1_ETYPE_GENERALIZED_TIME or ASN1_ETYPE_UTC_TIME.
*/
static int
-_asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len,
- char *str, int str_size)
+_asn1_get_time_der (unsigned type, const unsigned char *der, int der_len, int
*ret_len,
+ char *str, int str_size, unsigned flags)
{
int len_len, str_len;
+ unsigned i;
+ unsigned sign_count = 0;
+ unsigned dot_count = 0;
+ const unsigned char *p;
if (der_len <= 0 || str == NULL)
return ASN1_DER_ERROR;
@@ -290,6 +295,48 @@ _asn1_get_time_der (const unsigned char *der, int der_len,
int *ret_len,
if (str_len <= 0 || str_size < str_len)
return ASN1_DER_ERROR;
+ /* perform some sanity checks on the data */
+ if (str_len < 8)
+ {
+ warn();
+ return ASN1_DER_ERROR;
+ }
+
+ p = &der[len_len];
+ for (i=0;i<str_len-1;i++)
+ {
+ if (isdigit(p[i]) == 0)
+ {
+ if (type == ASN1_ETYPE_GENERALIZED_TIME)
+ {
+ /* tolerate lax encodings */
+ if (p[i] == '.' && dot_count == 0)
+ {
+ dot_count++;
+ continue;
+ }
+
+ /* This is not really valid DER, but there are
+ * structures using that */
+ if (!(flags & ASN1_DECODE_FLAG_STRICT_DER) &&
+ (p[i] == '+' || p[i] == '-') && sign_count == 0)
+ {
+ sign_count++;
+ continue;
+ }
+ }
+
+ warn();
+ return ASN1_DER_ERROR;
+ }
+ }
+
+ if (sign_count == 0 && p[str_len-1] != 'Z')
+ {
+ warn();
+ return ASN1_DER_ERROR;
+ }
+
memcpy (str, der + len_len, str_len);
str[str_len] = 0;
*ret_len = str_len + len_len;
@@ -1181,8 +1228,8 @@ asn1_der_decoding2 (asn1_node *element, const void *ider,
int *max_ider_len,
case ASN1_ETYPE_GENERALIZED_TIME:
case ASN1_ETYPE_UTC_TIME:
result =
- _asn1_get_time_der (der + counter, ider_len, &len2, temp,
- sizeof (temp) - 1);
+ _asn1_get_time_der (type_field (p->type), der + counter,
ider_len, &len2, temp,
+ sizeof (temp) - 1, flags);
if (result != ASN1_SUCCESS)
{
warn();
hooks/post-receive
--
GNU libtasn1
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU libtasn1 branch, master, updated. libtasn1_4_1-3-ge91cb99,
Nikos Mavrogiannopoulos <=