This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU libtasn1".
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=b21ad3505c5f7d6049071c444ffc852a015d2c30 The branch, master has been updated via b21ad3505c5f7d6049071c444ffc852a015d2c30 (commit) via f0ce5e8fec8ffba2942241e6cb709d474c81385b (commit) via eda2d245496ef0dd077fd0eafaaf722ae6a3ac07 (commit) from a331c88d20acc587da3b0c2c666d1800b387813d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b21ad3505c5f7d6049071c444ffc852a015d2c30 Author: Nikos Mavrogiannopoulos <n...@redhat.com> Date: Wed Aug 20 09:51:06 2014 +0200 doc update commit f0ce5e8fec8ffba2942241e6cb709d474c81385b Author: Nikos Mavrogiannopoulos <n...@redhat.com> Date: Wed Aug 20 09:49:22 2014 +0200 BER decoding: corrected indefinite tag check in ANY constructions commit eda2d245496ef0dd077fd0eafaaf722ae6a3ac07 Author: Nikos Mavrogiannopoulos <n...@redhat.com> Date: Wed Aug 20 09:48:52 2014 +0200 Added another BER-encoded PKCS #12 file to test indefinite decoding ----------------------------------------------------------------------- Summary of changes: NEWS | 5 +++++ lib/decoding.c | 46 ++++++++++++++++++++++++---------------------- tests/Makefile.am | 4 +++- tests/TestIndef2.p12 | Bin 0 -> 1526 bytes tests/Test_indefinite.c | 44 ++++++++++++++++++++++++++++++++++++++++++-- 5 files changed, 74 insertions(+), 25 deletions(-) create mode 100644 tests/TestIndef2.p12 diff --git a/NEWS b/NEWS index 1d08af0..e9fd124 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,10 @@ GNU Libtasn1 NEWS -*- outline -*- +* Noteworthy changes in release 4.1 (unreleased) [stable] +- corrected indefinite tag check in ANY constructions. That allows + the decoding of BER-encoded structures that contain indefinite + encoding within for an ANY element. + * Noteworthy changes in release 4.0 (released 2014-06-26) [stable] - optimized asn1_der_decoding_startEnd(). It no longer requires the additional decoding step. diff --git a/lib/decoding.c b/lib/decoding.c index b7e49b4..57da1ff 100644 --- a/lib/decoding.c +++ b/lib/decoding.c @@ -1360,6 +1360,12 @@ asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len, move = RIGHT; break; case ASN1_ETYPE_ANY: + /* Check indefinite lenth method in an EXPLICIT TAG */ + if ((p->type & CONST_TAG) && (der[counter - 1] == 0x80)) + indefinite = 1; + else + indefinite = 0; + if (asn1_get_tag_der (der + counter, ider_len, &class, &len2, &tag) != ASN1_SUCCESS) @@ -1399,12 +1405,6 @@ asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len, goto cleanup; } - /* Check indefinite lenth method in an EXPLICIT TAG */ - if ((p->type & CONST_TAG) && (der[counter - 1] == 0x80)) - indefinite = 1; - else - indefinite = 0; - result = _asn1_get_indefinite_length_string (der + counter, ider_len, &len2); if (result != ASN1_SUCCESS) @@ -1417,23 +1417,25 @@ asn1_der_decoding2 (asn1_node *element, const void *ider, int *max_ider_len, _asn1_set_value_lv (p, der + counter, len2); counter += len2; - /* Check if a couple of 0x00 are present due to an EXPLICIT TAG with - an indefinite length method. */ - if (indefinite) - { - DECR_LEN(ider_len, 2); - if (!der[counter] && !der[counter + 1]) - { - counter += 2; - } - else - { - result = ASN1_DER_ERROR; - warn(); - goto cleanup; - } - } } + + /* Check if a couple of 0x00 are present due to an EXPLICIT TAG with + an indefinite length method. */ + if (indefinite) + { + DECR_LEN(ider_len, 2); + if (!der[counter] && !der[counter + 1]) + { + counter += 2; + } + else + { + result = ASN1_DER_ERROR; + warn(); + goto cleanup; + } + } + move = RIGHT; break; default: diff --git a/tests/Makefile.am b/tests/Makefile.am index 275be8b..144b321 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -23,7 +23,8 @@ AM_LDFLAGS = -no-install LDADD = ../lib/libtasn1.la ../gl/libgnu.la EXTRA_DIST = Test_parser.asn Test_tree.asn Test_tree_asn1_tab.c \ - Test_encoding.asn pkix.asn TestIndef.p12 choice.asn coding-decoding2.asn + Test_encoding.asn pkix.asn TestIndef.p12 choice.asn coding-decoding2.asn \ + TestIndef2.p12 # For crlf. EXTRA_DIST += crlf.cer crl.der @@ -49,6 +50,7 @@ TESTS_ENVIRONMENT = \ ASN1PKIX=$(srcdir)/pkix.asn \ ASN1CRLDER=$(srcdir)/crl.der \ ASN1INDEF=$(srcdir)/TestIndef.p12 \ + ASN1INDEF2=$(srcdir)/TestIndef2.p12 \ ASN1ENCODING=$(srcdir)/Test_encoding.asn \ THREADSAFETY_FILES=`find $(top_srcdir)/lib -name \*.c` \ EXEEXT=$(EXEEXT) \ diff --git a/tests/TestIndef2.p12 b/tests/TestIndef2.p12 new file mode 100644 index 0000000..2829073 Binary files /dev/null and b/tests/TestIndef2.p12 differ diff --git a/tests/Test_indefinite.c b/tests/Test_indefinite.c index c1613ef..b1a435a 100644 --- a/tests/Test_indefinite.c +++ b/tests/Test_indefinite.c @@ -48,6 +48,7 @@ main (int argc, char *argv[]) ssize_t size; const char *treefile = getenv ("ASN1PKIX"); const char *indeffile = getenv ("ASN1INDEF"); + const char *indeffile2 = getenv ("ASN1INDEF2"); int verbose = 0; if (argc > 1) @@ -59,6 +60,9 @@ main (int argc, char *argv[]) if (!indeffile) indeffile = "TestIndef.p12"; + if (!indeffile2) + indeffile = "TestIndef2.p12"; + if (verbose) { printf ("\n\n/****************************************/\n"); @@ -110,13 +114,49 @@ main (int argc, char *argv[]) if (result != ASN1_SUCCESS) { asn1_perror (result); - printf ("Cannot decode BER data (size %ld)\n", (long) size); + printf ("Cannot decode BER data (size %ld) in %s\n", (long) size, indeffile); + exit (1); + } + + asn1_delete_structure (&asn1_element); + + /* second test */ + fd = fopen (indeffile2, "rb"); + if (fd == NULL) + { + printf ("Cannot read file %s\n", indeffile); + exit (1); + } + size = fread (buffer, 1, sizeof (buffer), fd); + if (size <= 0) + { + printf ("Cannot read from file %s\n", indeffile); + exit (1); + } + + fclose (fd); + + result = + asn1_create_element (definitions, "PKIX1.pkcs-12-PFX", &asn1_element); + if (result != ASN1_SUCCESS) + { + asn1_perror (result); + printf ("Cannot create PKCS12 element\n"); + exit (1); + } + + result = asn1_der_decoding (&asn1_element, buffer, size, errorDescription); + if (result != ASN1_SUCCESS) + { + asn1_perror (result); + printf ("Cannot decode BER data (size %ld) in %s\n", (long) size, indeffile2); exit (1); } + asn1_delete_structure (&asn1_element); + /* Clear the definition structures */ asn1_delete_structure (&definitions); - asn1_delete_structure (&asn1_element); if (out != stdout) fclose (out); hooks/post-receive -- GNU libtasn1