Check-in [614742ca67]
Overview
Comment:Updated to deal with reading impossibly small TLV buffers sanely
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 614742ca676856d1f35465aadecedcba08d079a3
User & Date: rkeene on 2015-03-05 16:06:49
Other Links: manifest | tags
Context
2015-03-05
16:09
Removed extraneous code check-in: 47251b740c user: rkeene tags: trunk
16:06
Updated to deal with reading impossibly small TLV buffers sanely check-in: 614742ca67 user: rkeene tags: trunk
15:48
Added debugging to ASN.1 X.509 parser, added support for gzip'd certificates, and fixed a possible non-deterministic case with realloc(0) check-in: e4a2e1c560 user: rkeene tags: trunk
Changes

Modified cackey.c from [7a1e8d322f] to [f036f2ae53].

1746
1747
1748
1749
1750
1751
1752






1753
1754
1755
1756
1757
1758
1759
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765







+
+
+
+
+
+







		CACKEY_DEBUG_PRINTF("outbuffer_len_p is NULL.  Returning in failure.");

		return(NULL);
	}

	buffer_len = *outbuffer_len_p;
	outbuffer_len = *outbuffer_len_p;

	if (buffer_len < 2) {
		CACKEY_DEBUG_PRINTF("buffer_len is less than 2, so we can't read any tag.  Returning in failure.");

		return(NULL);
	}

	buffer_p = buffer;
	if (buffer_p[0] != tag) {
		CACKEY_DEBUG_PRINTF("Tag found was not tag expected.  Tag = %02x, Expected = %02x.  Returning in failure.", (unsigned int) buffer_p[0], tag);

		return(NULL);
	}
3020
3021
3022
3023
3024
3025
3026
3027

3028
3029
3030
3031
3032
3033
3034
3026
3027
3028
3029
3030
3031
3032

3033
3034
3035
3036
3037
3038
3039
3040







-
+







			}

			retval = outbuf_len;

			outbuf_len = retval;
			outbuf_p = cackey_read_bertlv_tag(outbuf, &outbuf_len, 0x82, NULL,  &outbuf_len);
			if (outbuf_p == NULL) {
				CACKEY_DEBUG_PRINTF("Response from PIV for GENERATE AUTHENTICATION was not a 0x82 with then 0x7C tag, returning in failure");
				CACKEY_DEBUG_PRINTF("Response from PIV for GENERATE AUTHENTICATION was not a 0x82 within a 0x7C tag, returning in failure");

				return(-1);
			}

			retval = outbuf_len;

			break;