From 580d1070f02f9321f3c363adfaad07b9ace82550 Mon Sep 17 00:00:00 2001
From: tb
Date: Fri, 10 Mar 2023 09:44:54 +0000
Subject: [PATCH] openssl(1) asn1parse: avoid crash with ASN.1 BOOLEANS When pointing openssl asn1parse -strparse at DER octets 01 01, it crashes: $ printf '<\x01\x01>' | openssl asn1parse -inform der -strparse 1 Refuse to parse BOOLEAN types instead, which avoids a crash in hensonian /* hmm... this is a little evil, but it works */ code. Found while poking at CMS timestamps to understand one of job's diffs. with/ok jsing
---
 usr.bin/openssl/asn1pars.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/usr.bin/openssl/asn1pars.c b/usr.bin/openssl/asn1pars.c
index d6364b55644..3eac72cb668 100644
--- a/usr.bin/openssl/asn1pars.c
+++ b/usr.bin/openssl/asn1pars.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1pars.c,v 1.14 2023/03/07 05:53:17 tb Exp $ */
+/* $OpenBSD: asn1pars.c,v 1.15 2023/03/10 09:44:54 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -361,9 +361,10 @@ asn1parse_main(int argc, char **argv)
 goto end;
 }
 typ = ASN1_TYPE_get(at);
- if (typ == V_ASN1_OBJECT || typ == V_ASN1_NULL) {
+ if (typ == V_ASN1_BOOLEAN || typ == V_ASN1_NULL ||
+ typ == V_ASN1_OBJECT) {
 BIO_printf(bio_err, "Can't parse %s type\n",
- typ == V_ASN1_NULL ? "NULL" : "OBJECT");
+ ASN1_tag2str(typ));
 ERR_print_errors(bio_err);
 goto end;
 }
--
2.20.1
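Review bot: The widened check on `typ` in the second hunk lists BOOLEAN, NULL and OBJECT without saying why exactly these three are refused, so a later reader cannot tell whether the deny-list is complete or just covers the crashes seen so far. In an ASN1_TYPE these are the variants whose value is not held as an ASN1_STRING, and the commit message suggests the code after this check (outside the hunk) treats the value as a string. A comment above the `if` would record that invariant, e.g. `/* BOOLEAN, NULL and OBJECT are the ASN1_TYPE values not stored as an ASN1_STRING. */`. The diffstat shows only asn1pars.c changed, so the reproducer from the commit message would be worth adding as a regression test to keep `-strparse` from reaching that code with a BOOLEAN again. asn1parse_main begins and ends outside the hunk.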