From 57d958c8817fca07c7e2a165a422bb235a361981 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 21 Apr 2017 16:31:36 +0200
Subject: scan_asn1length: Allow non-minimally encoded values

Needed to handle Windows AD replies, because why adhere to standards
at Microsoft ;)
---
 scan_asn1length.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scan_asn1length.c b/scan_asn1length.c
index 9e20fae..150de94 100644
--- a/scan_asn1length.c
+++ b/scan_asn1length.c
@@ -14,12 +14,12 @@ size_t scan_asn1length(const char* src,const char* max,size_t* value) {
     c&=0x7f;
     if (!c) return 0;		/* length 0x80 means indefinite length encoding, not supported here */
     l=(unsigned char)src[1];
-    if (l==0) return 0;		/* not minimally encoded: 0x81 0x00 instead of 0x00 */
+    //if (l==0) return 0;		/* not minimally encoded: 0x81 0x00 instead of 0x00 XXX: We need to support this for Active Directory support :/ */
     if (c>sizeof(l)) return 0;	/* too many bytes, does not fit into target integer type */
     if (c+1>len) return 0;	/* not enough data in input buffer */
     for (i=2; i<=c; ++i)
       l=l*256+(unsigned char)src[i];
-    if (l<0x7f) return 0;	/* not minimally encoded: 0x81 0x70 instead of 0x70 */
+    //if (l<0x7f) return 0;	/* not minimally encoded: 0x81 0x70 instead of 0x70 XXX: Same AD issue as above */
   }
   if (l>len-i) return 0;	/* if the length would not fit into the buffer, return 0 */
   *value=l;
-- 
cgit v1.2.3-55-g7522