You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2017/11/14 14:05:40 UTC
svn commit: r1815218 - in /tomcat/native/trunk: native/src/sslutils.c
xdocs/miscellaneous/changelog.xml
Author: markt
Date: Tue Nov 14 14:05:40 2017
New Revision: 1815218
URL: http://svn.apache.org/viewvc?rev=1815218&view=rev
Log:
Further clean-up in the parsing of the OCSP extension.
Modified:
tomcat/native/trunk/native/src/sslutils.c
tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
Modified: tomcat/native/trunk/native/src/sslutils.c
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslutils.c?rev=1815218&r1=1815217&r2=1815218&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslutils.c (original)
+++ tomcat/native/trunk/native/src/sslutils.c Tue Nov 14 14:05:40 2017
@@ -550,7 +550,7 @@ static void *apr_xrealloc(void *buf, siz
}
/* Parses an ASN.1 length.
- * On entry, ans1 points to the current tag.
+ * On entry, asn1 points to the current tag.
* Updates the pointer to the ASN.1 structure to point to the start of the data.
* Returns 0 on success, 1 on failure.
*/
@@ -569,9 +569,18 @@ static int parse_asn1_length(unsigned ch
i = **asn1 & 0x7F;
if (i == 0) {
- // Should be at least 1 byte
+ /* This is the indefinite form of length. Since certificates use DER
+ * this should never happen and is therefore an error.
+ */
return 1;
}
+ if (i > 3) {
+ /* Three bytes for length gives a maximum of 16MB which should be
+ * far more than is required. (2 bytes is 64K which is probably more
+ * than enough but play safe.)
+ */
+ return 1;
+ }
// Most significant byte is first
l = 0;
@@ -634,7 +643,7 @@ static int parse_ASN1_OID(unsigned char
err = parse_asn1_length(&asn1, &len);
- if (!err && memcmp(asn1, OCSP_OID, len) == 0) {
+ if (!err && len == 8 && memcmp(asn1, OCSP_OID, 8) == 0) {
asn1+=len;
err = parse_ocsp_url(asn1, ocsp_urls, nocsp_urls, p);
}
@@ -663,7 +672,7 @@ static int parse_ASN1_Sequence(unsigned
break;
case ASN1_OID:
err = parse_ASN1_OID(asn1,ocsp_urls,nocsp_urls, p);
- return 0;
+ return err;
break;
default:
err = 1; /* we shouldn't have any errors */
Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/xdocs/miscellaneous/changelog.xml?rev=1815218&r1=1815217&r2=1815218&view=diff
==============================================================================
--- tomcat/native/trunk/xdocs/miscellaneous/changelog.xml (original)
+++ tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Tue Nov 14 14:05:40 2017
@@ -34,6 +34,13 @@
This is the Changelog for Tomcat Native 1.2.
</p>
</section>
+<section name="Changes in 1.2.16">
+ <changelog>
+ <fix>
+ Further clean-up in the parsing of the OCSP extension. (markt)
+ </fix>
+ </changelog>
+</section>
<section name="Changes in 1.2.15">
<changelog>
<update>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org