octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-12-26 11:37:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2.0'

Browse Source
This commit is contained in:
terrafrost 2018-09-17 00:29:24 -05:00
commit 4bc53f1251
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
phpseclib/File/ASN1.php
View File

@ -333,6 +333,9 @@ abstract class ASN1
$remainingLength = $length; $remainingLength = $length;
while ($remainingLength > 0) { while ($remainingLength > 0) {
$temp = self::decode_ber($content, $start, $content_pos); $temp = self::decode_ber($content, $start, $content_pos);
if ($temp === false) {
break;
}
$length = $temp['length']; $length = $temp['length'];
// end-of-content octets - see paragraph 8.1.5 // end-of-content octets - see paragraph 8.1.5
if (substr($content, $content_pos + $length, 2) == "\0\0") { if (substr($content, $content_pos + $length, 2) == "\0\0") {
@ -384,6 +387,9 @@ abstract class ASN1
$current['content'] = substr($content, $content_pos); $current['content'] = substr($content, $content_pos);
} else { } else {
$temp = self::decode_ber($content, $start, $content_pos); $temp = self::decode_ber($content, $start, $content_pos);
if ($temp === false) {
return false;
}
$length-= (strlen($content) - $content_pos); $length-= (strlen($content) - $content_pos);
$last = count($temp) - 1; $last = count($temp) - 1;
for ($i = 0; $i < $last; $i++) { for ($i = 0; $i < $last; $i++) {
@ -408,6 +414,9 @@ abstract class ASN1
$length = 0; $length = 0;
while (substr($content, $content_pos, 2) != "\0\0") { while (substr($content, $content_pos, 2) != "\0\0") {
$temp = self::decode_ber($content, $length + $start, $content_pos); $temp = self::decode_ber($content, $length + $start, $content_pos);
if ($temp === false) {
return false;
}
$content_pos += $temp['length']; $content_pos += $temp['length'];
// all subtags should be octet strings // all subtags should be octet strings
//if ($temp['type'] != self::TYPE_OCTET_STRING) { //if ($temp['type'] != self::TYPE_OCTET_STRING) {
@ -440,6 +449,9 @@ abstract class ASN1
break 2; break 2;
} }
$temp = self::decode_ber($content, $start + $offset, $content_pos); $temp = self::decode_ber($content, $start + $offset, $content_pos);
if ($temp === false) {
return false;
}
$content_pos += $temp['length']; $content_pos += $temp['length'];
$current['content'][] = $temp; $current['content'][] = $temp;
$offset+= $temp['length']; $offset+= $temp['length'];

9
tests/Unit/File/ASN1Test.php
View File

@ -335,4 +335,13 @@ class Unit_File_ASN1Test extends PhpseclibTestCase
$this->assertSame($data, $arr); $this->assertSame($data, $arr);
} }
/**
* @group github1296
*/
public function testInvalidCertificate()
{
$data = 'a' . base64_decode('MD6gJQYKKwYBBAGCNxQCA6AXDBVvZmZpY2VAY2VydGRpZ2l0YWwucm+BFW9mZmljZUBjZXJ0ZGlnaXRhbC5ybw==');
ASN1::decodeBER($data);
}
} }