-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | ext/openssl/ossl_asn1.c | 7 | ||||
-rw-r--r-- | test/openssl/test_asn1.rb | 12 |
3 files changed, 22 insertions, 2 deletions
@@ -1,3 +1,8 @@ +Mon May 23 06:58:33 2011 Martin Bosslet <Martin.Bosslet@googlemail.com> + + * ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not an + Array to prevent segfault. Added test. + Mon May 23 06:33:17 2011 Martin Bosslet <Martin.Bosslet@googlemail.com> * ext/openssl/ossl_asn1.c: Forbid Constructive without infinite diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c index c6f18479d7..cd65195796 100644 --- a/ext/openssl/ossl_asn1.c +++ b/ext/openssl/ossl_asn1.c @@ -1225,19 +1225,22 @@ ossl_asn1cons_to_der(VALUE self) int found_prim = 0, seq_len; long length; unsigned char *p; - VALUE value, str, inf_length, ary, example; + VALUE value, str, inf_length; tn = NUM2INT(ossl_asn1_get_tag(self)); tc = ossl_asn1_tag_class(self); inf_length = ossl_asn1_get_infinite_length(self); if (inf_length == Qtrue) { + VALUE ary, example; constructed = 2; if (CLASS_OF(self) == cASN1Sequence || CLASS_OF(self) == cASN1Set) { tag = ossl_asn1_default_tag(self); } - else { /*BIT_STRING OR OCTET_STRING*/ + else { /* must be a constructive encoding of a primitive value */ ary = ossl_asn1_get_value(self); + if (!rb_obj_is_kind_of(ary, rb_cArray)) + ossl_raise(eASN1Error, "Constructive value must be an Array"); /* Recursively descend until a primitive value is found. The overall value of the entire constructed encoding is of the type of the first primitive encoding to be diff --git a/test/openssl/test_asn1.rb b/test/openssl/test_asn1.rb index 94083f86e4..0122e0fdcb 100644 --- a/test/openssl/test_asn1.rb +++ b/test/openssl/test_asn1.rb 
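Review bot: The new `rb_obj_is_kind_of(ary, rb_cArray)` guard sits only in the `else` branch inside `if (inf_length == Qtrue)`, so it covers just the infinite-length case that is neither a Sequence nor a Set. Whether the Sequence/Set branch and the definite-length path of `ossl_asn1cons_to_der` treat the value as an Array without checking cannot be seen here, because the function continues outside the hunk. If they do, the same crash on a non-Array value would remain reachable from any caller that builds a Constructive with untrusted content. Consider validating once, right where the value is first fetched for encoding, with the same `ossl_raise(eASN1Error, "Constructive value must be an Array");`. The nested values reached by the recursive descent mentioned in the comment would benefit from the same check, if that loop indexes into them as Arrays.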
@@ -254,6 +254,18 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase end end + def test_cons_without_array_forbidden + assert_raise(OpenSSL::ASN1::ASN1Error) do + val = OpenSSL::ASN1::OctetString.new('a') + cons = OpenSSL::ASN1::Constructive.new(val, + OpenSSL::ASN1::OCTET_STRING, + nil, + :UNIVERSAL) + cons.infinite_length = true + cons.to_der + end + end + def test_seq_infinite_length begin content = [ OpenSSL::ASN1::Null.new(nil), |
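Review bot: The `assert_raise` block in `test_cons_without_array_forbidden` wraps the `Constructive.new` call and the `infinite_length = true` assignment as well as `cons.to_der`, so the test would also pass if `ASN1Error` were raised before encoding is reached. Build `cons` outside the block and keep only `assert_raise(OpenSSL::ASN1::ASN1Error) { cons.to_der }` inside, so the assertion is tied to the encoder check this commit adds. The test exercises only the infinite-length path. A companion case without `infinite_length = true` would record whether definite-length encoding of a non-Array value is rejected cleanly as well.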