diff options
author | Michael Brown | 2012-03-22 03:10:17 +0100 |
---|---|---|
committer | Michael Brown | 2012-03-22 03:28:49 +0100 |
commit | 2cd24473b8e41b54f1dafc16c7b5adee8c224446 (patch) | |
tree | 3810960b79e2cb35c37dbe67f6d767df48d68ce6 /src/crypto | |
parent | [crypto] Add previous certificate in chain as a parameter to parse_next() (diff) | |
download | ipxe-2cd24473b8e41b54f1dafc16c7b5adee8c224446.tar.gz ipxe-2cd24473b8e41b54f1dafc16c7b5adee8c224446.tar.xz ipxe-2cd24473b8e41b54f1dafc16c7b5adee8c224446.zip |
[crypto] Avoid an error when asn1_shrink() is already at end of object
asn1_skip() will return an error on reaching the end of an object, and
so should not be used as the basis for asn1_shrink().
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto')
-rw-r--r-- | src/crypto/asn1.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/src/crypto/asn1.c b/src/crypto/asn1.c index cd502502..2eab3422 100644 --- a/src/crypto/asn1.c +++ b/src/crypto/asn1.c @@ -220,16 +220,21 @@ int asn1_skip ( struct asn1_cursor *cursor, unsigned int type ) { * invalidated. */ int asn1_shrink ( struct asn1_cursor *cursor, unsigned int type ) { - struct asn1_cursor next; - int rc; + struct asn1_cursor temp; + const void *end; + int len; - /* Skip to next object */ - memcpy ( &next, cursor, sizeof ( next ) ); - if ( ( rc = asn1_skip ( &next, type ) ) != 0 ) - return rc; + /* Find end of object */ + memcpy ( &temp, cursor, sizeof ( temp ) ); + len = asn1_start ( &temp, type ); + if ( len < 0 ) { + asn1_invalidate_cursor ( cursor ); + return len; + } + end = ( temp.data + len ); /* Shrink original cursor to contain only its first object */ - cursor->len = ( next.data - cursor->data ); + cursor->len = ( end - cursor->data ); return 0; } |