In the pkinit decoders, set up things properly so that asn1buf_sync()

behaves correctly and isn't acting on uninitialized variables. ticket: 5704 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19935 dc483132-0cff-0310-8789-dd5450dbe970
author: Tom Yu <tlyu@mit.edu> 2007-09-13 23:51:32 +0000
committer: Tom Yu <tlyu@mit.edu> 2007-09-13 23:51:32 +0000
commit: 66edbde71866aa8b4718a04689b37d5c634d1079 (patch)
tree: 1f09b90c9f91d96097c1ad9223e2100684a6012c /src/lib/krb5/asn.1/asn1_k_decode.c
parent: 161f397dbcccf6cf824eee00151ea89c12a1436c (diff)
download: krb5-66edbde71866aa8b4718a04689b37d5c634d1079.zip
krb5-66edbde71866aa8b4718a04689b37d5c634d1079.tar.gz
krb5-66edbde71866aa8b4718a04689b37d5c634d1079.tar.bz2
1 files changed, 22 insertions, 3 deletions
diff --git a/src/lib/krb5/asn.1/asn1_k_decode.c b/src/lib/krb5/asn.1/asn1_k_decode.c
index 087c949..b495ebf 100644
--- a/src/lib/krb5/asn.1/asn1_k_decode.c
+++ b/src/lib/krb5/asn.1/asn1_k_decode.c
@@ -207,8 +207,6 @@
   asn1buf subbuf;						\
   int seqindef;							\
   int indef;							\
-  unused_var(taglen);						\
-  unused_var(construction);					\
   retval = asn1_get_sequence(buf, &length, &seqindef);		\
   if (retval) return retval;					\
   retval = asn1buf_imbed(&subbuf, buf, length, seqindef);	\
@@ -1329,6 +1327,22 @@ asn1_error_code asn1_decode_algorithm_identifier(asn1buf *buf,  krb5_algorithm_i
 
   setup();
   { begin_structure_no_tag();
+    /*
+     * Forbid indefinite encoding because we don't read enough tag
+     * information from the trailing octets ("ANY DEFINED BY") to
+     * synchronize EOC tags, etc.
+     */
+    if (seqindef) return ASN1_BAD_FORMAT;
+    /*
+     * Set up tag variables because we don't actually call anything
+     * that fetches tag info for us; it's all buried in the decoder
+     * primitives.
+     */
+    tagnum = ASN1_TAGNUM_CEILING;
+    asn1class = UNIVERSAL;
+    construction = PRIMITIVE;
+    taglen = 0;
+    indef = 0;
     retval = asn1_decode_oid(&subbuf, &val->algorithm.length, 
 			     &val->algorithm.data);
     if(retval) return retval;
@@ -1376,7 +1390,12 @@ asn1_error_code asn1_decode_subject_pk_info(asn1buf *buf, krb5_subject_pk_info *
       retval = asn1buf_remove_octetstring(&subbuf, taglen, 
 					  &val->subjectPublicKey.data);
       if(retval) return retval;
-      val->subjectPublicKey.length = taglen;      
+      val->subjectPublicKey.length = taglen;
+      /*
+       * We didn't call any macro that does next_tag(); do so now to
+       * preload tag of any trailing encodings.
+       */
+      next_tag();
       end_structure();
     }
     cleanup();
author	Tom Yu <tlyu@mit.edu>	2007-09-13 23:51:32 +0000
committer	Tom Yu <tlyu@mit.edu>	2007-09-13 23:51:32 +0000
commit	66edbde71866aa8b4718a04689b37d5c634d1079 (patch)
tree	1f09b90c9f91d96097c1ad9223e2100684a6012c /src/lib/krb5/asn.1/asn1_k_decode.c
parent	161f397dbcccf6cf824eee00151ea89c12a1436c (diff)
download	krb5-66edbde71866aa8b4718a04689b37d5c634d1079.zip krb5-66edbde71866aa8b4718a04689b37d5c634d1079.tar.gz krb5-66edbde71866aa8b4718a04689b37d5c634d1079.tar.bz2