Calculate sequence length properly.

Use correct length in old ASN.1 indefinite length sequence decoder (only used by SSL_SESSION). This bug was discovered by Hanno Böck using libfuzzer. Reviewed-by: Rich Salz <rsalz@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2016-08-02 23:53:41 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2016-08-03 00:13:03 +0100
commit: 436dead2e2a157fa501a7538a77b6078391b477f (patch)
tree: 7dfff328e1f861d3e3d7fc6c8fdef64d8b4528e4
parent: 134ab5139a8d41455a81d9fcc31b3edb8a4b2f5c (diff)
download: openssl-436dead2e2a157fa501a7538a77b6078391b477f.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 8752654103..80f5f2b014 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -328,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
         return (0);
     }
     if (c->inf == (1 | V_ASN1_CONSTRUCTED))
-        c->slen = *length + *(c->pp) - c->p;
+        c->slen = *length;
     c->eos = 0;
     return (1);
 }
author	Dr. Stephen Henson <steve@openssl.org>	2016-08-02 23:53:41 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2016-08-03 00:13:03 +0100
commit	436dead2e2a157fa501a7538a77b6078391b477f (patch)
tree	7dfff328e1f861d3e3d7fc6c8fdef64d8b4528e4
parent	134ab5139a8d41455a81d9fcc31b3edb8a4b2f5c (diff)
download	openssl-436dead2e2a157fa501a7538a77b6078391b477f.tar.gz