[erlang-patches] ASN.1 Long Definite Length

Vance Shipley <>
Sun May 15 03:53:01 CEST 2011


... attached now.

On Sun, May 15, 2011 at 07:19:20AM +0530, Vance Shipley wrote:
}  The attached patch adds a test to determine if the calculated length
}  has overflowed the size of the variable used to store it.

-- 
	-Vance
-------------- next part --------------
--- lib/asn1/c_src/asn1_erl_driver.c.orig	2011-05-14 13:15:25.000000000 +0530
+++ lib/asn1/c_src/asn1_erl_driver.c	2011-05-14 22:23:11.000000000 +0530
@@ -1300,6 +1300,8 @@
        printf("decode_value1:ii=%d.\r\n",*ib_index);
 #endif
       len = (len << 8) + in_buf[*ib_index];
+      if (len < 0)
+        return ASN1_LEN_ERROR;
     }
     if (len > (in_buf_len - (*ib_index + 1)))
       return ASN1_LEN_ERROR;


More information about the erlang-patches mailing list