Check-in [614742ca67]
Overview
Comment:Updated to deal with reading impossibly small TLV buffers sanely
SHA1:614742ca676856d1f35465aadecedcba08d079a3
User & Date: rkeene on 2015-03-05 16:06:49
Context
2015-03-05
16:09
Removed extraneous code check-in: 47251b740c user: rkeene tags: trunk
16:06
Updated to deal with reading impossibly small TLV buffers sanely check-in: 614742ca67 user: rkeene tags: trunk
15:48
Added debugging to ASN.1 X.509 parser, added support for gzip'd certificates, and fixed a possible non-deterministic case with realloc(0) check-in: e4a2e1c560 user: rkeene tags: trunk
Changes

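--- a/cackey.c
+++ b/cackey.c
@@ -1746,14 +1746,20 @@
 		CACKEY_DEBUG_PRINTF("outbuffer_len_p is NULL.  Returning in failure.");
 
 		return(NULL);
 	}
 
 	buffer_len = *outbuffer_len_p;
 	outbuffer_len = *outbuffer_len_p;
+
+	if (buffer_len < 2) {
+		CACKEY_DEBUG_PRINTF("buffer_len is less than 2, so we can't read any tag.  Returning in failure.");
+
+		return(NULL);
+	}
 
 	buffer_p = buffer;
 	if (buffer_p[0] != tag) {
 		CACKEY_DEBUG_PRINTF("Tag found was not tag expected.  Tag = %02x, Expected = %02x.  Returning in failure.", (unsigned int) buffer_p[0], tag);
 
 		return(NULL);
 	}
@@ -3020,15 +3026,15 @@
 			}
 
 			retval = outbuf_len;
 
 			outbuf_len = retval;
 			outbuf_p = cackey_read_bertlv_tag(outbuf, &outbuf_len, 0x82, NULL,  &outbuf_len);
 			if (outbuf_p == NULL) {
-				CACKEY_DEBUG_PRINTF("Response from PIV for GENERATE AUTHENTICATION was not a 0x82 with then 0x7C tag, returning in failure");
+				CACKEY_DEBUG_PRINTF("Response from PIV for GENERATE AUTHENTICATION was not a 0x82 within a 0x7C tag, returning in failure");
 
 				return(-1);
 			}
 
 			retval = outbuf_len;
 
 			break;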
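Review bot: The new `buffer_len < 2` guard in the first hunk tests a value copied from `*outbuffer_len_p` just above it, the same source as `outbuffer_len`, so it bounds the input only when the caller's output-length argument equals the real size of `buffer`. The call in the second hunk passes `&outbuf_len` in both length positions, which suggests the function also takes a separate input-length pointer; if so, `buffer_len` should be initialised from that parameter before this check, otherwise `buffer_p[0]` can still be read from a shorter buffer. The guard also covers only the tag and the first length byte, so any multi-byte length form and the value length need their own comparison against `buffer_len` further down. The function body starts and ends outside the hunk, so whether those later checks exist cannot be confirmed from here.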