danog/phpseclib
1
0
Fork 0
mirror of https://github.com/danog/phpseclib.git synced 2025-01-22 04:51:19 +01:00
Code Issues Projects Releases Wiki Activity

Fixes #1296 parsing invalid certificate

Browse Source
This commit is contained in:
Michiel Brandenburg 2018-09-11 11:16:19 +02:00 committed by terrafrost
parent f48d85ced9
commit b4e66d343e
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
phpseclib/File/ASN1.php
View File

@ -390,6 +390,9 @@ class File_ASN1
$remainingLength = $length; $remainingLength = $length;
while ($remainingLength > 0) { while ($remainingLength > 0) {
$temp = $this->_decode_ber($content, $start, $content_pos); $temp = $this->_decode_ber($content, $start, $content_pos);
if ($temp === false) {
break;
}
$length = $temp['length']; $length = $temp['length'];
// end-of-content octets - see paragraph 8.1.5 // end-of-content octets - see paragraph 8.1.5
if (substr($content, $content_pos + $length, 2) == "\0\0") { if (substr($content, $content_pos + $length, 2) == "\0\0") {
@ -441,6 +444,9 @@ class File_ASN1
$current['content'] = substr($content, $content_pos); $current['content'] = substr($content, $content_pos);
} else { } else {
$temp = $this->_decode_ber($content, $start, $content_pos); $temp = $this->_decode_ber($content, $start, $content_pos);
if ($temp === false) {
return false;
}
$length-= (strlen($content) - $content_pos); $length-= (strlen($content) - $content_pos);
$last = count($temp) - 1; $last = count($temp) - 1;
for ($i = 0; $i < $last; $i++) { for ($i = 0; $i < $last; $i++) {
@ -465,6 +471,9 @@ class File_ASN1
$length = 0; $length = 0;
while (substr($content, $content_pos, 2) != "\0\0") { while (substr($content, $content_pos, 2) != "\0\0") {
$temp = $this->_decode_ber($content, $length + $start, $content_pos); $temp = $this->_decode_ber($content, $length + $start, $content_pos);
if ($temp === false) {
return false;
}
$content_pos += $temp['length']; $content_pos += $temp['length'];
// all subtags should be octet strings // all subtags should be octet strings
//if ($temp['type'] != FILE_ASN1_TYPE_OCTET_STRING) { //if ($temp['type'] != FILE_ASN1_TYPE_OCTET_STRING) {
@ -497,6 +506,9 @@ class File_ASN1
break 2; break 2;
} }
$temp = $this->_decode_ber($content, $start + $offset, $content_pos); $temp = $this->_decode_ber($content, $start + $offset, $content_pos);
if ($temp === false) {
return false;
}
$content_pos += $temp['length']; $content_pos += $temp['length'];
$current['content'][] = $temp; $current['content'][] = $temp;
$offset+= $temp['length']; $offset+= $temp['length'];

10
tests/Unit/File/ASN1Test.php
View File

@ -331,4 +331,14 @@ class Unit_File_ASN1Test extends PhpseclibTestCase
$this->assertSame($data, $arr); $this->assertSame($data, $arr);
} }
/**
* @group github1296
*/
public function testInvalidCertificate()
{
$data = 'a' . base64_decode('MD6gJQYKKwYBBAGCNxQCA6AXDBVvZmZpY2VAY2VydGRpZ2l0YWwucm+BFW9mZmljZUBjZXJ0ZGlnaXRhbC5ybw==');
$asn1 = new File_ASN1();
$asn1->decodeBER($data);
}
} }