Re: [PATCH] X.509: reject invalid BIT STRING for subjectPublicKey

2017-11-27 Thread James Morris
On Sun, 26 Nov 2017, Eric Biggers wrote:

> Fixes: 42d5ec27f873 ("X.509: Add an ASN.1 decoder")
> Cc: # v3.7+
> Signed-off-by: Eric Biggers
> ---
> crypto/asymmetric_keys/x509_cert_parser.c | 2 ++
> 1 file changed, 2 insertions(+)

Reviewed-by:

[PATCH] X.509: reject invalid BIT STRING for subjectPublicKey

2017-11-26 Thread Eric Biggers
From: Eric Biggers

Adding a specially crafted X.509 certificate whose subjectPublicKey ASN.1 value is zero-length caused x509_extract_key_data() to set the public key size to SIZE_MAX, as it subtracted the nonexistent BIT STRING metadata byte. Then, x509_cert_parse() called