projects
/
silc.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
fe14dc0
)
Better length checking for identifier decoding.
author
Pekka Riikonen
<priikone@silcnet.org>
Thu, 2 Oct 2003 11:17:22 +0000
(11:17 +0000)
committer
Pekka Riikonen
<priikone@silcnet.org>
Thu, 2 Oct 2003 11:17:22 +0000
(11:17 +0000)
lib/silccrypt/silcpkcs.c
patch
|
blob
|
history
diff --git
a/lib/silccrypt/silcpkcs.c
b/lib/silccrypt/silcpkcs.c
index 1f662dd70fbbda819f5a4dc5669bf25f9fcd6e1e..11dda7c95ad2e1d8c3f22d0101613f72b967dae4 100644
(file)
--- a/
lib/silccrypt/silcpkcs.c
+++ b/
lib/silccrypt/silcpkcs.c
@@
-553,16
+553,33
@@
SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier)
cp = identifier;
while (cp) {
len = strcspn(cp, ",");
cp = identifier;
while (cp) {
len = strcspn(cp, ",");
+ if (len < 1) {
+ cp = NULL;
+ break;
+ }
if (len - 1 >= 0 && cp[len - 1] == '\\') {
while (cp) {
if (len - 1 >= 0 && cp[len - 1] == '\\') {
while (cp) {
+ if (len + 1 > strlen(cp)) {
+ cp = NULL;
+ break;
+ }
cp += len + 1;
len = strcspn(cp, ",") + len;
cp += len + 1;
len = strcspn(cp, ",") + len;
+ if (len < 1) {
+ cp = NULL;
+ break;
+ }
if (len - 1 >= 0 && cp[len - 1] != '\\')
break;
}
}
if (len - 1 >= 0 && cp[len - 1] != '\\')
break;
}
}
+ if (!cp)
+ break;
+
item = silc_calloc(len + 1, sizeof(char));
item = silc_calloc(len + 1, sizeof(char));
+ if (len > strlen(cp))
+ break;
memcpy(item, cp, len);
if (strstr(item, "UN="))
memcpy(item, cp, len);
if (strstr(item, "UN="))
@@
-579,7
+596,7
@@
SilcPublicKeyIdentifier silc_pkcs_decode_identifier(char *identifier)
ident->country = strdup(item + strcspn(cp, "=") + 1);
cp += len;
ident->country = strdup(item + strcspn(cp, "=") + 1);
cp += len;
- if (strlen(cp)
== 0
)
+ if (strlen(cp)
< 1
)
cp = NULL;
else
cp += 1;
cp = NULL;
else
cp += 1;