blob: e4875266490c5a274b80c72d2fbdcf002726889d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
From 0be0b11a1d0c4029f362ab368a63bc267065b5bd Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri, 8 Apr 2016 13:48:30 +0200
Subject: [PATCH] _asn1_expand_object_id: addressed crash when no value is
present is node
With a specially crafted ASN.1 description _asn1_expand_object_id,
passes a null pointer as p4->value to the function _asn1_str_cat,
which expects a pointer to a string. This patch addresses the issue.
Reported by Pascal Cuoq.
---
lib/parser_aux.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/parser_aux.c b/lib/parser_aux.c
index a42cdd2..52700c6 100644
--- a/lib/parser_aux.c
+++ b/lib/parser_aux.c
@@ -792,6 +792,9 @@ _asn1_expand_object_id (asn1_node node)
{
if (type_field (p4->type) == ASN1_ETYPE_CONSTANT)
{
+ if (p4->value == NULL)
+ return ASN1_VALUE_NOT_FOUND;
+
if (name2[0])
_asn1_str_cat (name2, sizeof (name2), ".");
_asn1_str_cat (name2, sizeof (name2),
--
1.9.1
|
