|
 |
8e8e16 |
From ce148a2e0872b708450005cf0b3a944014aae990 Mon Sep 17 00:00:00 2001
|
|
|
8e8e16 |
From: Dana Jacobsen <dana@acm.org>
|
|
|
8e8e16 |
Date: Tue, 29 Oct 2013 08:37:48 -0700
|
|
|
8e8e16 |
Subject: [PATCH 1/2] Fix unsafe decoding in indef case
|
|
|
8e8e16 |
|
|
|
8e8e16 |
Bug: https://github.com/gbarr/perl-Convert-ASN1/pull/15
|
|
|
8e8e16 |
---
|
|
|
8e8e16 |
lib/Convert/ASN1/_decode.pm | 1 +
|
|
|
8e8e16 |
1 file changed, 1 insertion(+)
|
|
|
8e8e16 |
|
|
|
8e8e16 |
diff --git a/lib/Convert/ASN1/_decode.pm b/lib/Convert/ASN1/_decode.pm
|
|
|
8e8e16 |
index e811e8d..eb2b584 100644
|
|
|
8e8e16 |
--- a/lib/Convert/ASN1/_decode.pm
|
|
|
8e8e16 |
+++ b/lib/Convert/ASN1/_decode.pm
|
|
|
8e8e16 |
@@ -685,6 +685,7 @@ sub _scan_indef {
|
|
|
8e8e16 |
if((unpack("C",$tag) & 0x1f) == 0x1f) {
|
|
|
8e8e16 |
my $b;
|
|
|
8e8e16 |
do {
|
|
|
8e8e16 |
+ return if $pos >= $end;
|
|
|
8e8e16 |
$tag .= substr($_[0],$pos++,1);
|
|
|
8e8e16 |
$b = ord substr($tag,-1);
|
|
|
8e8e16 |
} while($b & 0x80);
|
|
|
8e8e16 |
|
|
|
8e8e16 |
From 8125d99e15596fee1b5f904ed74a76bccf54082d Mon Sep 17 00:00:00 2001
|
|
|
8e8e16 |
From: Dana Jacobsen <dana@acm.org>
|
|
|
8e8e16 |
Date: Tue, 29 Oct 2013 08:53:09 -0700
|
|
|
8e8e16 |
Subject: [PATCH 2/2] Add second part of position check
|
|
|
8e8e16 |
|
|
|
8e8e16 |
Bug: https://github.com/gbarr/perl-Convert-ASN1/pull/15
|
|
|
8e8e16 |
---
|
|
|
8e8e16 |
lib/Convert/ASN1/_decode.pm | 1 +
|
|
|
8e8e16 |
1 file changed, 1 insertion(+)
|
|
|
8e8e16 |
|
|
|
8e8e16 |
diff --git a/lib/Convert/ASN1/_decode.pm b/lib/Convert/ASN1/_decode.pm
|
|
|
8e8e16 |
index eb2b584..67b95aa 100644
|
|
|
8e8e16 |
--- a/lib/Convert/ASN1/_decode.pm
|
|
|
8e8e16 |
+++ b/lib/Convert/ASN1/_decode.pm
|
|
|
8e8e16 |
@@ -679,6 +679,7 @@ sub _scan_indef {
|
|
|
8e8e16 |
$pos += 2;
|
|
|
8e8e16 |
next;
|
|
|
8e8e16 |
}
|
|
|
8e8e16 |
+ return if $pos >= $end;
|
|
|
8e8e16 |
|
|
|
8e8e16 |
my $tag = substr($_[0], $pos++, 1);
|
|
|
8e8e16 |
|