aboutsummaryrefslogtreecommitdiff
path: root/openssl/crypto/ocsp/ocsp_ht.c
diff options
context:
space:
mode:
authormarha <marha@users.sourceforge.net>2011-01-23 20:17:10 +0000
committermarha <marha@users.sourceforge.net>2011-01-23 20:17:10 +0000
commit1b639dab951fb73d5031aa0c1afb13e8480d1dae (patch)
tree4e13a4d1e4c609bd01d0bf5d65c6a8acdc3d0c50 /openssl/crypto/ocsp/ocsp_ht.c
parent51181fb7f4d135d214974bb6611d51f21475eec8 (diff)
parentb680cf39ed5bc37e0eb7eb86ad8599bf92df3f2b (diff)
downloadvcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.tar.gz
vcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.tar.bz2
vcxsrv-1b639dab951fb73d5031aa0c1afb13e8480d1dae.zip
svn merge ^/branches/released .
Diffstat (limited to 'openssl/crypto/ocsp/ocsp_ht.c')
-rw-r--r--openssl/crypto/ocsp/ocsp_ht.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/openssl/crypto/ocsp/ocsp_ht.c b/openssl/crypto/ocsp/ocsp_ht.c
index 12bbfcffd..af5fc1669 100644
--- a/openssl/crypto/ocsp/ocsp_ht.c
+++ b/openssl/crypto/ocsp/ocsp_ht.c
@@ -397,11 +397,12 @@ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
case OHS_ASN1_HEADER:
- /* Now reading ASN1 header: can read at least 6 bytes which
- * is more than enough for any valid ASN1 SEQUENCE header
+ /* Now reading ASN1 header: can read at least 2 bytes which
+ * is enough for ASN1 SEQUENCE header and either length field
+ * or at least the length of the length field.
*/
n = BIO_get_mem_data(rctx->mem, &p);
- if (n < 6)
+ if (n < 2)
goto next_io;
/* Check it is an ASN1 SEQUENCE */
@@ -414,6 +415,11 @@ int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
/* Check out length field */
if (*p & 0x80)
{
+ /* If MSB set on initial length octet we can now
+ * always read 6 octets: make sure we have them.
+ */
+ if (n < 6)
+ goto next_io;
n = *p & 0x7F;
/* Not NDEF or excessive length */
if (!n || (n > 4))