Detect overflow when decoding DER variable-length integers#9537
Open
basavaraj-sm05 wants to merge 1 commit into
Open
Detect overflow when decoding DER variable-length integers#9537basavaraj-sm05 wants to merge 1 commit into
basavaraj-sm05 wants to merge 1 commit into
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
DerReader decodes ASN.1 variable-length integers for OBJECT IDENTIFIER subidentifiers and high-number tags, building the value up with a shift left of 7 per continuation byte. That accumulation had no overflow guard (it carried a
// TODO: detect overflow), so a subidentifier padded with enough continuation bytes silently wraps a Long and the shift can flip the sign. I ran into it decoding a certificate whose OID had an over-long arc: instead of rejecting the input,readObjectIdentifierhanded back a bogus arc like2.9223372036854775728produced by the wrapped arithmetic. Since these bytes come straight off an untrusted certificate, quietly turning a malformed OID into a real-looking one seemed worth closing off. This throws aProtocolExceptiononce the running value no longer fits in a Long, the same way the length decoder just above already rejects a length pastLong.MAX_VALUE. Values up toLong.MAX_VALUEstill decode exactly as before, and there's a regression test for the overflowing case.