[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-cvs
Subject: [CVS] OpenSSL: openssl/apps/ asn1pars.c
From: "Dr. Stephen Henson" <steve () openssl ! org>
Date: 2004-02-08 13:30:05
Message-ID: 20040208133005.F3DDF203EB8 () master ! openssl ! org
[Download RAW message or body]
OpenSSL CVS Repository
http://cvs.openssl.org/
____________________________________________________________________________
Server: cvs.openssl.org Name: Dr. Stephen Henson
Root: /e/openssl/cvs Email: steve@openssl.org
Module: openssl Date: 08-Feb-2004 14:30:05
Branch: HEAD Handle: 2004020813300400
Modified files:
openssl/apps asn1pars.c
Log:
Fix handling of -offset and -length in asn1parse tool.
If -offset exceeds -length of data available exit with an error.
Don't read past end of total data available when -offset supplied.
If -length exceeds total available truncate it.
Summary:
Revision Changes Path
1.20 +9 -1 openssl/apps/asn1pars.c
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openssl/apps/asn1pars.c
============================================================================
$ cvs diff -u -r1.19 -r1.20 asn1pars.c
--- openssl/apps/asn1pars.c 3 Dec 2002 16:32:53 -0000 1.19
+++ openssl/apps/asn1pars.c 8 Feb 2004 13:30:04 -0000 1.20
@@ -333,7 +333,15 @@
num=tmplen;
}
- if (length == 0) length=(unsigned int)num;
+ if (offset >= num)
+ {
+ BIO_printf(bio_err, "Error: offset too large\n");
+ goto end;
+ }
+
+ num -= offset;
+
+ if ((length == 0) || (length > num)) length=(unsigned int)num;
if(derout) {
if(BIO_write(derout, str + offset, length) != (int)length) {
BIO_printf(bio_err, "Error writing output\n");
@@ .
______________________________________________________________________
OpenSSL Project http://www.openssl.org
CVS Repository Commit List openssl-cvs@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic