Google Git
Sign in
flutter/third_party/libtasn1/refs/heads/tmp-fix-endless-loop^!/.
commit
cf568e510ba6d2e3f797eb00fc09a4f9bb5c9f1b
[log]
author
Tim Rühsen <tim.ruehsen@gmx.de>
Fri Jul 19 13:16:27 2019 +0200
committer
Tim Rühsen <tim.ruehsen@gmx.de>
Fri Jul 19 17:17:33 2019 +0200
tree
dcd6ea770ac4a29e79f5af83005165f14829be57
parent
6e0a18fcac6cd8773eca857de1d05aa93249adfa [diff]
Fix endless loop in _asn1_check_identifier()

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

diff --git a/lib/parser_aux.c b/lib/parser_aux.c
index b182948..095204e 100644
--- a/lib/parser_aux.c
+++ b/lib/parser_aux.c

@@ -1029,7 +1029,7 @@
 	p = p->right;
       else
 	{
-	  while (1)
+	  while (p)
 	    {
 	      p = _asn1_find_up (p);
 	      if (p == node)

diff --git a/tests/Makefile.am b/tests/Makefile.am
index b0fe211..93af269 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am

@@ -61,7 +61,7 @@
 	Test_errors Test_simple Test_overflow Test_strings Test_choice \
 	Test_encdec copynode coding-decoding2 strict-der Test_choice_ocsp \
 	ocsp-basic-response octet-string coding-long-oid object-id-decoding \
-	spc_pe_image_data setof CVE-2018-1000654
+	spc_pe_image_data setof CVE-2018-1000654 single_node
 
 TESTS = Test_parser Test_tree Test_encoding Test_indefinite	\
 	Test_errors Test_simple Test_overflow crlf threadsafety \
@@ -69,7 +69,7 @@
 	strict-der Test_choice_ocsp decoding decoding-invalid-x509 \
 	ocsp-basic-response octet-string coding-long-oid object-id-decoding \
 	spc_pe_image_data decoding-invalid-pkcs7 coding setof \
-	CVE-2018-1000654 parser.sh
+	CVE-2018-1000654 parser.sh single_node
 
 CVE-2018-1000654-1_asn1_tab.h: $(srcdir)/CVE-2018-1000654-1.asn
 	$(top_builddir)/src/asn1Parser$(EXEEXT) $^ -o $@

diff --git a/tests/single_node.c b/tests/single_node.c
new file mode 100644
index 0000000..cdec122
--- /dev/null
+++ b/tests/single_node.c

@@ -0,0 +1,60 @@
+/*
+ * Copyright (C) 2019 Free Software Foundation, Inc.
+ *
+ * This file is part of LIBTASN1.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+/****************************************************************/
+/* Description: reproducer for endless loop with a single node  */
+/****************************************************************/
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <libtasn1.h>
+
+const asn1_static_node endless_asn1_tab[] = {
+  { "TEST_TREE", 536875024, NULL },
+  { NULL, 0, NULL }
+};
+
+int
+main (int argc, char *argv[])
+{
+  int result, verbose = 0;
+  asn1_node definitions = NULL;
+  char errorDescription[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
+
+  if (argc > 1)
+    verbose = 1;
+
+  result = asn1_array2tree (endless_asn1_tab, &definitions, errorDescription);
+  if (result != ASN1_SUCCESS)
+    {
+      asn1_perror (result);
+      printf ("ErrorDescription = %s\n\n", errorDescription);
+      exit (EXIT_FAILURE);
+    }
+
+  asn1_delete_structure (&definitions);
+
+  if (verbose)
+    printf ("Success\n");
+
+  exit (EXIT_SUCCESS);
+}