From f16ac763f631fed2627ad501cf30540e950a154d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 9 Jul 2013 12:26:00 +0200 Subject: [PATCH] Simplify length mismatch check in x509_get_pubkey --- library/x509parse.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/library/x509parse.c b/library/x509parse.c index a284fd122..72cdf8dbc 100644 --- a/library/x509parse.c +++ b/library/x509parse.c @@ -550,7 +550,6 @@ static int x509_get_pubkey( unsigned char **p, int ret; size_t len; x509_buf pk_alg_oid; - unsigned char *end2; pk_type_t pk_alg = POLARSSL_PK_NONE; if( ( ret = asn1_get_tag( p, end, &len, @@ -582,7 +581,9 @@ static int x509_get_pubkey( unsigned char **p, return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ); - end2 = *p + len; + if( *p + len != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); if( *(*p)++ != 0 ) return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ); @@ -593,22 +594,18 @@ static int x509_get_pubkey( unsigned char **p, * publicExponent INTEGER -- e * } */ - if( ( ret = asn1_get_tag( p, end2, &len, + if( ( ret = asn1_get_tag( p, end, &len, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret ); - if( *p + len != end2 ) + if( *p + len != end ) return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - if( ( ret = asn1_get_mpi( p, end2, &rsa->N ) ) != 0 || - ( ret = asn1_get_mpi( p, end2, &rsa->E ) ) != 0 ) + if( ( ret = asn1_get_mpi( p, end, &rsa->N ) ) != 0 || + ( ret = asn1_get_mpi( p, end, &rsa->E ) ) != 0 ) return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret ); - if( *p != end ) - return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + - POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); - if( ( ret = rsa_check_pubkey( rsa ) ) != 0 ) return( ret );