openssl(1) asn1parse: avoid crash with ASN.1 BOOLEANS
authortb <tb@openbsd.org>
Fri, 10 Mar 2023 09:44:54 +0000 (09:44 +0000)
committertb <tb@openbsd.org>
Fri, 10 Mar 2023 09:44:54 +0000 (09:44 +0000)
When pointing openssl asn1parse -strparse at DER octets 01 01, it crashes:

$ printf '<\x01\x01>' | openssl asn1parse -inform der -strparse 1

Refuse to parse BOOLEAN types instead, which avoids a crash in hensonian
/* hmm... this is a little evil, but it works */ code.

Found while poking at CMS timestamps to understand one of job's diffs.

with/ok jsing

usr.bin/openssl/asn1pars.c

index d6364b5..3eac72c 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1pars.c,v 1.14 2023/03/07 05:53:17 tb Exp $ */
+/* $OpenBSD: asn1pars.c,v 1.15 2023/03/10 09:44:54 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -361,9 +361,10 @@ asn1parse_main(int argc, char **argv)
                                goto end;
                        }
                        typ = ASN1_TYPE_get(at);
-                       if (typ == V_ASN1_OBJECT || typ == V_ASN1_NULL) {
+                       if (typ == V_ASN1_BOOLEAN || typ == V_ASN1_NULL ||
+                           typ == V_ASN1_OBJECT) {
                                BIO_printf(bio_err, "Can't parse %s type\n",
-                                   typ == V_ASN1_NULL ? "NULL" : "OBJECT");
+                                   ASN1_tag2str(typ));
                                ERR_print_errors(bio_err);
                                goto end;
                        }
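Review bot: The deny-list at the `typ == V_ASN1_BOOLEAN || typ == V_ASN1_NULL || typ == V_ASN1_OBJECT` check has no comment saying why exactly these three types are refused, so a reader cannot tell whether the list is complete or just covers the crashes found so far. The commit message suggests that the code following this block, which is outside the hunk, reads the parsed value as a string; if so, these appear to be the ASN1_TYPE variants whose value is not stored as an ASN1_STRING, and that invariant is worth stating. I would add above the `if`: `/* BOOLEAN, NULL and OBJECT are not held as an ASN1_STRING in ASN1_TYPE; refuse them before the string access below. */`. A regression test feeding the two-octet DER input from the commit message to `-strparse` would also keep this malformed-input path covered. asn1parse_main starts and ends outside the hunk, so the string access itself could not be checked here.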