aboutsummaryrefslogtreecommitdiffstats
path: root/lib/asn1/c_src/asn1_erl_nif.c
diff options
context:
space:
mode:
authorBjörn Gustavsson <[email protected]>2014-09-29 12:55:21 +0200
committerBjörn Gustavsson <[email protected]>2014-09-29 13:19:43 +0200
commit62bab9a7a2adbe3f1b7960a35d7dab1d7119c639 (patch)
treec9c5e56c1dd5fc3c8435f816d0fc05f7325f17c6 /lib/asn1/c_src/asn1_erl_nif.c
parent2397a14d1113bc2d334dee908269cf3b63c46314 (diff)
downloadotp-62bab9a7a2adbe3f1b7960a35d7dab1d7119c639.tar.gz
otp-62bab9a7a2adbe3f1b7960a35d7dab1d7119c639.tar.bz2
otp-62bab9a7a2adbe3f1b7960a35d7dab1d7119c639.zip
BER decoding: Don't allow primitives with indefinite lengths
According to the BER encoding rules, only constructed values may have indefinite lengths. A primitive value must be encoded with a definite length. Reported-by: Simon Cornish
Diffstat (limited to 'lib/asn1/c_src/asn1_erl_nif.c')
-rw-r--r--lib/asn1/c_src/asn1_erl_nif.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/asn1/c_src/asn1_erl_nif.c b/lib/asn1/c_src/asn1_erl_nif.c
index 53e3aa1678..317a464060 100644
--- a/lib/asn1/c_src/asn1_erl_nif.c
+++ b/lib/asn1/c_src/asn1_erl_nif.c
@@ -949,7 +949,7 @@ static int ber_decode_value(ErlNifEnv* env, ERL_NIF_TERM *value, unsigned char *
} else if (in_buf[*ib_index] == ASN1_INDEFINITE_LENGTH) {
(*ib_index)++;
curr_head = enif_make_list(env, 0);
- if (*ib_index+1 >= in_buf_len) {
+ if (*ib_index+1 >= in_buf_len || form == ASN1_PRIMITIVE) {
return ASN1_INDEF_LEN_ERROR;
}
while (!(in_buf[*ib_index] == 0 && in_buf[*ib_index + 1] == 0)) {