From 9398f168f96a1cd6e166309d77cbeca41ec0aea7 Mon Sep 17 00:00:00 2001
From: Adam Langley
Date: Mon, 3 Nov 2014 18:02:03 -0800
Subject: [PATCH] Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey.
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer when the buffer length is 0. Change this to verify explicitly that the ASN.1 string has positive length. (Imported from upstream's 7f7c05ca638c3cc6d261961fae439cd91e3c1d27)
Change-Id: Icc6c44b874bdcb02374016a36d209830d6162a8a
---
 crypto/ec/ec_asn1.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index add2f53d..e7d96e11 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -352,11 +352,16 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) {
 if (priv_key->publicKey) {
 const uint8_t *pub_oct;
- size_t pub_oct_len;
+ int pub_oct_len;
 pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
 pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
- /* save the point conversion form */
+ /* The first byte (the point conversion form) must be present. */
+ if (pub_oct_len <= 0) {
+ OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+ /* Save the point conversion form. */
 ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01);
 if (!EC_POINT_oct2point(ret->group, ret->pub_key, pub_oct, pub_oct_len, NULL)) {