Add check for lengths over 65535 in mbedtls_asn1_write_len()

This commit is contained in:
Paul Bakker 2016-07-14 10:27:08 +01:00 committed by Simon Butcher
parent 97c53c2867
commit 7eb1243fb4
2 changed files with 7 additions and 2 deletions

View file

@ -40,6 +40,8 @@ extern "C" {
* \param start start of the buffer (for bounds-checking) * \param start start of the buffer (for bounds-checking)
* \param len the length to write * \param len the length to write
* *
* \note lengths over 65535 are not supported at the moment
*
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len );

View file

@ -41,6 +41,11 @@
int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
{ {
// We don't support lengths over 65535 for now
//
if( len > 0xFFFF )
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
if( len < 0x80 ) if( len < 0x80 )
{ {
if( *p - start < 1 ) if( *p - start < 1 )
@ -63,8 +68,6 @@ int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len
if( *p - start < 3 ) if( *p - start < 3 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
// We assume we never have lengths larger than 65535 bytes
//
*--(*p) = len % 256; *--(*p) = len % 256;
*--(*p) = ( len / 256 ) % 256; *--(*p) = ( len / 256 ) % 256;
*--(*p) = 0x82; *--(*p) = 0x82;