[crypto] Allow for zero-length ASN.1 cursors - openslx-ng/ipxe.git - Fork of ipxe; additional commands and features

diff options

author	Michael Brown	2016-03-11 17:51:13 +0100
committer	Michael Brown	2016-03-11 17:58:51 +0100
commit	5a6ed90a00ea8b1070c808e4f7d5da173b2e848f (patch)
tree	65c60b99af5ea48cd8d81cf13152854d0fdbebff /src/core
parent	[tls] Avoid potential out-of-bound reads in length fields (diff)
download	ipxe-5a6ed90a00ea8b1070c808e4f7d5da173b2e848f.tar.gz ipxe-5a6ed90a00ea8b1070c808e4f7d5da173b2e848f.tar.xz ipxe-5a6ed90a00ea8b1070c808e4f7d5da173b2e848f.zip

[crypto] Allow for zero-length ASN.1 cursors

The assumption in asn1_type() that an ASN.1 cursor will always contain a type byte is incorrect. A cursor that has been cleanly invalidated via asn1_invalidate_cursor() will contain a type byte, but there are other ways in which to arrive at a zero-length cursor. Fix by explicitly checking the cursor length in asn1_type(). This allows asn1_invalidate_cursor() to be reduced to simply zeroing the length field. Signed-off-by: Michael Brown <mcb30@ipxe.org>

Diffstat (limited to 'src/core')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: