The bug is in OBJ_txt2obj at obj_dat.c:420. The 'i' in line:
op=d2i_ASN1_OBJECT(NULL,&p,i);
should be replaced with 'j':
op=d2i_ASN1_OBJECT(NULL,&p,j);
In the case of subject alt name (06 03 55 1D 11), i=3 and j=5. My guess is
that the code in ASN1_get_object which had previously been indef'd out had
been disabled due to this bug, ie. the symptom "fixed" rather than the
cause.
Steven
-----Original Message-----
From: Reddie, Steven
Sent: Friday, 30 August 2002 11:09 AM
To: [EMAIL PROTECTED]
Subject: RE: [openssl.org #260] OBJ_txt2nid not working after upgrading
to 0.9.6g
I've traced this down to ASN1_get_object. It fails at line 128 which had
previously been ifdef'd out:
if (*plength > (omax - (p - *pp)))
{
ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
/* Set this so that even if things are not long enough
* the values are set correctly */
ret|=0x80;
}
In my case of trying to lookup an oid, plength=3, omax=3, (p-*pp)=2. The
passed in buffer at *pp is:
06 03 55 1D 11 - subject alt name oid
OBJ_txt2obj which calls d2i_ASN1_OBJECT which calls ASN1_get_object passes
in 3 as the length. The content length is 3, but the length of the
tag+length+content is 5. Not knowing this code very well I'm not yet sure
where the problem lies. Any clues?
Steven
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, 29 August 2002 6:46 PM
Cc: [EMAIL PROTECTED]
Subject: [openssl.org #260] OBJ_txt2nid not working after upgrading to
0.9.6g
We have some code that was working with OpenSSL 0.9.6d this morning. Now
that I've upgraded to 0.9.6g it's failing.
OBJ_txt2nid("2.5.29.17") is now returning 0 instead of the expected 85
(NID_subject_alt_name).
OBJ_nid2sn(NID_subject_alt_name) does return "subjectAltName".
It seems that the mapping is only broken in one direction. Is this a known
problem?
Steven
--
Steven Reddie <[EMAIL PROTECTED]>
Senior Software Engineer
Computer Associates Pty Ltd (Australia)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
