From e61502fb82084937160f4ffa0bda89f4c6788d6d Mon Sep 17 00:00:00 2001
From: Kazuki Yamaguchi
Date: Sat, 14 Jan 2017 19:48:00 +0900
Subject: asn1: check for illegal 'unused_bits' value of BitString
Invalid values such as nil or values not in the range 0 to 7 are silently coerced into the valid range. This behavior is confusing and hides user bugs. Raise an exception instead if an illegal value is specified.
---
 ext/openssl/ossl_asn1.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
(limited to 'ext/openssl')
diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
index c0dab131..59ef226a 100644
--- a/ext/openssl/ossl_asn1.c
+++ b/ext/openssl/ossl_asn1.c
@@ -204,13 +204,15 @@ obj_to_asn1bstr(VALUE obj, long unused_bits)
 {
 ASN1_BIT_STRING *bstr;
- if(unused_bits < 0) unused_bits = 0;
+ if (unused_bits < 0 || unused_bits > 7)
+ ossl_raise(eASN1Error, "unused_bits for a bitstring value must be in "\
+ "the range 0 to 7");
 StringValue(obj);
 if(!(bstr = ASN1_BIT_STRING_new())) ossl_raise(eASN1Error, NULL);
 ASN1_BIT_STRING_set(bstr, (unsigned char *)RSTRING_PTR(obj), RSTRING_LENINT(obj));
 bstr->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
- bstr->flags |= ASN1_STRING_FLAG_BITS_LEFT|(unused_bits&0x07);
+ bstr->flags |= ASN1_STRING_FLAG_BITS_LEFT | unused_bits;
 return bstr;
 }
@@ -498,7 +500,7 @@ ossl_asn1_get_asn1type(VALUE obj)
 VALUE value, rflag;
 void *ptr;
 void (*free_func)();
- int tag, flag;
+ int tag;
 tag = ossl_asn1_default_tag(obj);
 value = ossl_asn1_get_value(obj);
@@ -514,8 +516,7 @@ ossl_asn1_get_asn1type(VALUE obj)
 break;
 case V_ASN1_BIT_STRING:
 rflag = rb_attr_get(obj, sivUNUSED_BITS);
- flag = NIL_P(rflag) ? -1 : NUM2INT(rflag);
- ptr = obj_to_asn1bstr(value, flag);
+ ptr = obj_to_asn1bstr(value, NUM2INT(rflag));
 free_func = ASN1_BIT_STRING_free;
 break;
 case V_ASN1_NULL:
--
cgit v1.2.3
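Review bot: The new range check in obj_to_asn1bstr() still accepts a non-zero unused_bits together with an empty string, a combination X.690 does not allow because an empty BIT STRING has no bits to leave unused. Since the commit's aim is to stop hiding such caller mistakes, consider rejecting it right after `StringValue(obj);` with `if (unused_bits && RSTRING_LEN(obj) == 0) ossl_raise(eASN1Error, "unused_bits must be 0 for an empty bitstring");`. How the encoder treats that combination is not visible in this hunk, so confirm it against the OpenSSL versions the extension supports. As a style point, the trailing `\` after the first string literal is unnecessary, since adjacent literals concatenate on their own.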
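Review bot: With the nil guard removed in the V_ASN1_BIT_STRING case, `NUM2INT(rflag)` raises a TypeError for a nil attribute (and a RangeError for a value that does not fit in an int), not the eASN1Error added in obj_to_asn1bstr(). If unused_bits is not defaulted to 0 where the object is initialised, which this hunk does not show, a BitString that encoded successfully before this change will now fail, and callers that rescue only the ASN.1 error class will not catch it. Consider keeping an explicit check before the call, `if (NIL_P(rflag)) ossl_raise(eASN1Error, "unused_bits must be set for a BitString");`, or at least a comment above the call such as `/* NUM2INT raises TypeError when unused_bits is nil */`. The switch and the rest of ossl_asn1_get_asn1type() lie outside the hunk.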