summaryrefslogtreecommitdiffstats
path: root/src/crypto
diff options
context:
space:
mode:
authorMichael Brown2012-03-22 03:10:17 +0100
committerMichael Brown2012-03-22 03:28:49 +0100
commit2cd24473b8e41b54f1dafc16c7b5adee8c224446 (patch)
tree3810960b79e2cb35c37dbe67f6d767df48d68ce6 /src/crypto
parent[crypto] Add previous certificate in chain as a parameter to parse_next() (diff)
downloadipxe-2cd24473b8e41b54f1dafc16c7b5adee8c224446.tar.gz
ipxe-2cd24473b8e41b54f1dafc16c7b5adee8c224446.tar.xz
ipxe-2cd24473b8e41b54f1dafc16c7b5adee8c224446.zip
[crypto] Avoid an error when asn1_shrink() is already at end of object
asn1_skip() will return an error on reaching the end of an object, and so should not be used as the basis for asn1_shrink(). Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto')
-rw-r--r--src/crypto/asn1.c19
1 files changed, 12 insertions, 7 deletions
diff --git a/src/crypto/asn1.c b/src/crypto/asn1.c
index cd502502..2eab3422 100644
--- a/src/crypto/asn1.c
+++ b/src/crypto/asn1.c
@@ -220,16 +220,21 @@ int asn1_skip ( struct asn1_cursor *cursor, unsigned int type ) {
* invalidated.
*/
int asn1_shrink ( struct asn1_cursor *cursor, unsigned int type ) {
- struct asn1_cursor next;
- int rc;
+ struct asn1_cursor temp;
+ const void *end;
+ int len;
- /* Skip to next object */
- memcpy ( &next, cursor, sizeof ( next ) );
- if ( ( rc = asn1_skip ( &next, type ) ) != 0 )
- return rc;
+ /* Find end of object */
+ memcpy ( &temp, cursor, sizeof ( temp ) );
+ len = asn1_start ( &temp, type );
+ if ( len < 0 ) {
+ asn1_invalidate_cursor ( cursor );
+ return len;
+ }
+ end = ( temp.data + len );
/* Shrink original cursor to contain only its first object */
- cursor->len = ( next.data - cursor->data );
+ cursor->len = ( end - cursor->data );
return 0;
}