Right now we don't check for end of sequence or set in most ber places.
This means that valid ber, but invalid ASN1 could be passed down the
codepath.

Since most of the parsing is done with ober_scanf_elements I think it
would be a good idea to add a sequence limiter. rob@ likes the idea and
suggested '$'.

This allows for the following syntax (e.g. varbind parsing):
for (; elm != NULL; elm = elm->be_next) {
        if (ober_scanf_elements(elm, "{oe$}", &oid, &elm2) == -1)
                goto fail;
}

OK?

martijn@

Index: ber.c
===================================================================
RCS file: /cvs/src/lib/libutil/ber.c,v
retrieving revision 1.17
diff -u -p -r1.17 ber.c
--- ber.c       3 Sep 2020 19:09:57 -0000       1.17
+++ ber.c       8 Jan 2021 15:22:50 -0000
@@ -684,9 +684,14 @@ ober_scanf_elements(struct ber_element *
 
        va_start(ap, fmt);
        while (*fmt) {
-               if (ber == NULL && *fmt != '}' && *fmt != ')')
+               if (ber == NULL && *fmt != '$' && *fmt != '}' && *fmt != ')')
                        goto fail;
                switch (*fmt++) {
+               case '$':
+                       if (ber != NULL)
+                               goto fail;
+                       ret++;
+                       continue;
                case 'B':
                        ptr = va_arg(ap, void **);
                        len = va_arg(ap, size_t *);
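Review bot: the new '$' case does ret++ although it takes no va_arg and stores nothing, so if ret is meant to count stored conversions it is inflated by every '$' in the format; either drop the increment or say in the manual that '$' counts. The extra *fmt != '$' in the NULL guard is needed for the case to be reachable at the end of a list and looks right. A one-line comment on the case stating that it asserts no sibling element remains would help the next reader.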
Index: ober_get_string.3
===================================================================
RCS file: /cvs/src/lib/libutil/ober_get_string.3,v
retrieving revision 1.2
diff -u -p -r1.2 ober_get_string.3
--- ober_get_string.3   25 Oct 2019 04:00:10 -0000      1.2
+++ ober_get_string.3   8 Jan 2021 15:22:50 -0000
@@ -81,6 +81,7 @@ per byte.
 The following bytes are valid:
 .Bl -column -offset indent bytes ober_get_enumerated() "1: struct ber_element 
**"
 .It Sy byte Ta Sy function Ta Sy arguments
+.It $ Ta see below              Ta 0
 .It B Ta Fn ober_get_bitstring  Ta 2: Vt void ** , size_t *
 .It b Ta Fn ober_get_boolean    Ta 1: Vt int *
 .It d Ta Fn ober_get_integer    Ta 1: Vt int *
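Review bot: the .Bl -column context line is split across two lines in this mail (the closing **" sits alone on the following line), so this hunk will not apply as sent; please resend with line wrapping disabled. In the added row, "see below" gives no hint of what to look for; a short phrase such as "end of sequence/set" in that column would let the table stand on its own.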
@@ -121,6 +122,9 @@ For
 .Sq t ,
 the class and type of the element are stored in the two corresponding
 variables, but if the element contains a value, that value is ignored.
+A
+.Sq $
+mandates the end of a sequence or set.
 .Pp
 For an opening parenthesis or brace, it is checked that the element
 is a sequence or a set, and parsing continues with its children.
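Review bot: the sentence about $ is appended to the paragraph describing t, before the .Pp, where it is easy to miss; give it its own paragraph. It should also state what happens when the check does not hold, for example that the call fails if further elements remain at that level, and that no argument is consumed, matching the 0 in the table.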
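The problem described at the top of this mail (valid BER that is not valid ASN.1 for the expected structure), as an added stand-alone illustration; it is not libutil code and not part of the patch. check_varbind, its strict flag and the sample bytes are constructed for this example, and only short-form lengths are handled.

```c
#include <stddef.h>
#include <stdint.h>

/* Size of the short-form TLV at p, or 0 if truncated or long-form. */
static size_t
tlv_size(const uint8_t *p, size_t len)
{
	if (len < 2 || (p[1] & 0x80) || (size_t)p[1] + 2 > len)
		return 0;
	return (size_t)p[1] + 2;
}

/*
 * Check a VarBind: SEQUENCE { OBJECT IDENTIFIER, value }.
 * strict == 0: stop after the two expected children.
 * strict != 0: also require that the SEQUENCE ends after the value.
 * Returns 0 if accepted, -1 if rejected.
 */
int
check_varbind(const uint8_t *buf, size_t len, int strict)
{
	size_t n, off;

	n = tlv_size(buf, len);
	if (n == 0 || n != len || buf[0] != 0x30)	/* SEQUENCE */
		return -1;
	buf += 2;
	len -= 2;
	if ((n = tlv_size(buf, len)) == 0 || buf[0] != 0x06)	/* OID */
		return -1;
	off = n;
	if ((n = tlv_size(buf + off, len - off)) == 0)	/* any value */
		return -1;
	off += n;
	if (strict && off != len)	/* trailing element: reject */
		return -1;
	return 0;
}

/* Constructed sample: OID 1.3.6.1.2.1.1.1.0 with a NULL value. */
const uint8_t varbind_ok[] = { 0x30, 0x0c,
	0x06, 0x08, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x01, 0x01, 0x00,
	0x05, 0x00 };
/* Constructed sample: the same, plus an extra INTEGER 1 after the value. */
const uint8_t varbind_extra[] = { 0x30, 0x0f,
	0x06, 0x08, 0x2b, 0x06, 0x01, 0x02, 0x01, 0x01, 0x01, 0x00,
	0x05, 0x00, 0x02, 0x01, 0x01 };
```

Without the end check the padded VarBind is accepted and the extra element travels on unnoticed; with it, the same bytes are rejected.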

