[erlang-patches] ASN.1 Long Definite Length
Henrik Nord
henrik@REDACTED
Mon May 16 17:13:49 CEST 2011
On 05/15/2011 03:49 AM, Vance Shipley wrote:
> The asn1_erl_driver driver does not perform adequate bounds
> checking in the case where the length value of a TLV is a
> Long Definite Length. The following demonstrates the problem:
>
> Eshell V5.8.3 (abort with ^G)
> 1> asn1rt_ber_bin_v2:decode(<<252,255,255,255,255,255,255,255>>, driver).
> Segmentation fault
>
> The attached patch adds a test to determine if the calculated length
> has overflowed the size of the variable used to store it. With the
> patch applied:
>
> Eshell V5.8.3 (abort with ^G)
> 1> asn1rt_ber_bin_v2:decode(<<252,255,255,255,255,255,255,255>>, driver).
> ** exception exit: {error,{asn1,{"bad length field after byte:",5,
> <<"\374\377\377\377\377\377\377\377">>}}}
> in function asn1rt_ber_bin_v2:handle_error/2
>
> I will submit a full patch with a test suite if you'd like me to.
>
Hello
A full patch, with test suite and proper commit msg is preferred
more info is found on https://github.com/erlang/otp/wiki
I will include these mail-patches in 'pu' now, and let you know if
something breaks.
Thank you for the contribution!
--
/Henrik Nord Erlang/OTP
More information about the erlang-patches
mailing list