From 0522ffd51f03afb615fc70844e25905da31b96f8 Mon Sep 17 00:00:00 2001
From: nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 26 Jan 2011 08:17:01 +0000
Subject:         * ext/openssl/ossl_asn1.c (ossl_asn1_decode0):
 OpenSSL::ASN1.decode           should reject indefinite length primitive
 encodings as that is           illegal. Patch by Martin Bosslet. See #4324.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30656 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ext/openssl/ossl_asn1.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'ext/openssl')

diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c
index b67decc5f3..44c19b9795 100644
--- a/ext/openssl/ossl_asn1.c
+++ b/ext/openssl/ossl_asn1.c
@@ -772,6 +772,9 @@ ossl_asn1_decode0(unsigned char **pp, long length, long *offset, long depth,
 	    else value = ossl_asn1_decode0(&p, len, &off, depth+1, 0, yield);
 	}
 	else{
+	    if ((j & 0x01) && (len == 0)) {
+		ossl_raise(eASN1Error, "Infinite length for primitive value");
+	    }
 	    value = rb_str_new((const char *)p, len);
 	    p += len;
 	    off += len;
-- 
cgit v1.2.3