* ext/openssl/ossl_asn1.c (ossl_asn1_decode0): OpenSSL::ASN1.decode

should reject indefinite length primitive encodings as that is
          illegal. Patch by Martin Bosslet. See #4324.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30656 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,9 @@
+Wed Jan 26 17:08:59 2011  NAKAMURA, Hiroshi  <nahi@ruby-lang.org>
+
+	* ext/openssl/ossl_asn1.c (ossl_asn1_decode0): OpenSSL::ASN1.decode
+	  should reject indefinite length primitive encodings as that is
+	  illegal. Patch by Martin Bosslet. See #4324.
+
 Wed Jan 26 10:36:28 2011  NARUSE, Yui  <naruse@ruby-lang.org>
 
 	* string.c (=~): documentation fix; the return value is nil when

ext/openssl/ossl_asn1.c

@@ -772,6 +772,9 @@ ossl_asn1_decode0(unsigned char **pp, long length, long *offset, long depth,
 	    else value = ossl_asn1_decode0(&p, len, &off, depth+1, 0, yield);
 	}
 	else{
+	    if ((j & 0x01) && (len == 0)) {
+		ossl_raise(eASN1Error, "Infinite length for primitive value");
+	    }
 	    value = rb_str_new((const char *)p, len);
 	    p += len;
 	    off += len;

test/openssl/test_asn1.rb

@@ -430,4 +430,14 @@ class  OpenSSL::TestASN1 < Test::Unit::TestCase
     end
   end
   
+  def test_primitive_inf_length
+    assert_raises(OpenSSL::ASN1::ASN1Error) do
+      spec = %w{ 02 80 02 01 01 00 00 }
+      raw = [spec.join('')].pack('H*')
+      OpenSSL::ASN1.decode(raw)
+      OpenSSL::ASN1.decode_all(raw)
+    end
+  end
+  
 end if defined?(OpenSSL)
+