sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-07 00:01:49 -04:00
Code Issues Projects Releases Wiki Activity

Don't handle PKCS#7 containers with infinite length encodings in pkcs7 plugin

Browse Source
This commit is contained in:
Martin Willi 2012-11-29 16:12:45 +01:00
parent 3c820cdc23
commit 71dd4e7895
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/libstrongswan/plugins/pkcs7/pkcs7_generic.c
View File

@ -114,6 +114,12 @@ pkcs7_t *pkcs7_generic_load(container_type_t type, va_list args)
} }
if (blob.len) if (blob.len)
{ {
if (blob.len >= 2 &&
blob.ptr[0] == ASN1_SEQUENCE && blob.ptr[1] == 0x80)
{ /* looks like infinite lenght BER encoding, but we can't handle it.
* ignore silently, our openssl backend can handle it */
return NULL;
}
return parse_contentInfo(blob); return parse_contentInfo(blob);
} }
return NULL; return NULL;