Fix error check of CMS_unsigned_get_addr_count()

According to RFC 5652, unsignedAttrs are a SET OF at least one member,
however the CMS code doesn't actually check for this. Since SET OF may
contain zero members in general, an empty set of unsignedAttrs would
be accepted. Catch this by explicitly checking for a -1 return value.

ok claudio

diff --git a/usr.sbin/rpki-client/cms.c b/usr.sbin/rpki-client/cms.c
index ef3f851..5594785 100644 (file)
--- a/usr.sbin/rpki-client/cms.c
+++ b/usr.sbin/rpki-client/cms.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: cms.c,v 1.14 2022/03/25 08:19:04 claudio Exp $ */
+/*     $OpenBSD: cms.c,v 1.15 2022/03/28 08:19:15 tb Exp $ */
 /*
  * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -149,7 +149,7 @@ cms_parse_validate(X509 **xp, const char *fn, const unsigned char *der,
                    "signed attribute", fn);
                goto out;
        }
-       if (CMS_unsigned_get_attr_count(si) > 0) {
+       if (CMS_unsigned_get_attr_count(si) != -1) {
                cryptowarnx("%s: RFC 6488: CMS has unsignedAttrs", fn);
                goto out;
        }