author | Kazuki Yamaguchi <k@rhe.jp> | 2017-01-20 15:06:12 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-07-23 15:14:43 +0900 |
commit | 1d202b077dce4b2732d902c8d5b488792f578079 (patch) | |
tree | b4df63103acc75cdf75dcf13bf3915c68b9afb81 | |
parent | 27e4bad625291b69d3ffdf8675230deeaef4aa39 (diff) | |
asn1: prevent EOC octets from being in the middle of the content
Encoding with indefinite length form produces an invalid encoding if the
contents array contains an EOC object in the middle. Raise an exception
in that case.
-rw-r--r-- | ext/openssl/ossl_asn1.c | 5 | ||||
-rw-r--r-- | test/test_asn1.rb | 9 |
2 files changed, 14 insertions, 0 deletions
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c index 842c5b54..87342d68 100644 --- a/ext/openssl/ossl_asn1.c +++ b/ext/openssl/ossl_asn1.c @@ -1177,6 +1177,11 @@ ossl_asn1cons_to_der(VALUE self) for (i = 0; i < RARRAY_LEN(ary); i++) { VALUE item = RARRAY_AREF(ary, i); + if (indef_len && rb_obj_is_kind_of(item, cASN1EndOfContent)) { + if (i != RARRAY_LEN(ary) - 1) + ossl_raise(eASN1Error, "illegal EOC octets in value"); + } + item = ossl_to_der_if_possible(item); StringValue(item); rb_str_append(str, item); diff --git a/test/test_asn1.rb b/test/test_asn1.rb index 223b11a5..d3945d36 100644 --- a/test/test_asn1.rb +++ b/test/test_asn1.rb @@ -345,6 +345,15 @@ class OpenSSL::TestASN1 < OpenSSL::TestCase ]) expected.indefinite_length = true encode_decode_test B(%w{ 30 80 04 01 00 00 00 }), expected + + # OpenSSL::ASN1::EndOfContent can only be at the end + obj = OpenSSL::ASN1::Sequence.new([ + OpenSSL::ASN1::EndOfContent.new, + OpenSSL::ASN1::OctetString.new(B(%w{ 00 })), + OpenSSL::ASN1::EndOfContent.new, + ]) + obj.indefinite_length = true + assert_raise(OpenSSL::ASN1::ASN1Error) { obj.to_der } end def test_set |
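Review bot: The new guard in the `for` loop matches on Ruby class (`rb_obj_is_kind_of(item, cASN1EndOfContent)`), but the bytes actually appended come from `ossl_to_der_if_possible(item)` and `StringValue(item)`, so an element of another class, or a plain String, whose encoding begins with `00 00` would still land in the middle of indefinite-length content. A decoder stops at the first EOC, so the encoder and the parser would then disagree about where the value ends. Assuming each element is one complete TLV, checking the encoded bytes right after `StringValue(item);` closes that gap: `if (indef_len && i != RARRAY_LEN(ary) - 1 && RSTRING_LEN(item) >= 2 && !memcmp(RSTRING_PTR(item), "\0\0", 2)) ossl_raise(eASN1Error, "illegal EOC octets in value");`. The added case in test/test_asn1.rb exercises only an `EndOfContent` instance and would need a companion case for such an element. `ossl_asn1cons_to_der` begins and ends outside the hunk, so how `indef_len` is set is not visible here.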