diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php
index 659b6f52..249a37d6 100644
--- a/phpseclib/File/ASN1.php
+++ b/phpseclib/File/ASN1.php
@@ -1277,6 +1277,11 @@ class File_ASN1
 $oid = array();
 $pos = 0;
 $len = strlen($content);
+ // see https://github.com/openjdk/jdk/blob/2deb318c9f047ec5a4b160d66a4b52f93688ec42/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java#L55
+ if ($len > 4096) {
+ //user_error('Object Identifier size is limited to 4096 bytes');
+ return false;
+ }
 if (ord($content[$len - 1]) & 0x80) {
 return false;
diff --git a/tests/Unit/File/ASN1/mal-cert-02.der b/tests/Unit/File/ASN1/mal-cert-02.der
new file mode 100644
index 00000000..981c3557
Binary files /dev/null and b/tests/Unit/File/ASN1/mal-cert-02.der differ
diff --git a/tests/Unit/File/ASN1Test.php b/tests/Unit/File/ASN1Test.php
index 747e3c9a..91e520da 100644
--- a/tests/Unit/File/ASN1Test.php
+++ b/tests/Unit/File/ASN1Test.php
@@ -448,4 +448,17 @@ class Unit_File_ASN1Test extends PhpseclibTestCase
 $decoded = $asn1->decodeBER($em);
 $this->assertFalse($decoded[0]);
 }
+
+ public function testLongOID()
+ {
+ $cert = file_get_contents(dirname(__FILE__) . '/ASN1/mal-cert-02.der');
+
+ $asn1 = new File_ASN1();
+ //$this->setExpectedException('PHPUnit_Framework_Error_Notice');
+ $decoded = $asn1->decodeBER($cert);
+ $this->assertFalse($decoded[0]);
+
+ //$x509 = new X509();
+ //$x509->loadX509($cert);
+ }
 }
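Review bot: The new length guard in the `File/ASN1.php` hunk sets only an upper bound, so a zero-length `$content` still reaches the context line `ord($content[$len - 1])` directly below it with offset -1. Whether a caller can hand this function empty OID content is not visible in the hunk, but the input is BER from an untrusted source, so I would reject it in the same check: `if ($len === 0 || $len > 4096) {`. The rejection is also silent, since `user_error` is commented out and the caller gets the same `false` as for any other malformed OID; either enable the notice or delete the dead line. The comment only links to the JDK source, so I would add one sentence saying the cap is there (presumably) to bound decoding work on attacker-supplied identifiers. The enclosing function starts and ends outside the hunk.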
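Review bot: `testLongOID` in the `ASN1Test.php` hunk never checks that the fixture was read, so a missing `mal-cert-02.der` makes `file_get_contents` return `false` and the test may still pass for the wrong reason; add `$this->assertTrue($cert !== false);` before decoding. The single `assertFalse($decoded[0])` also does not show that the rejection came from the 4096-byte cap rather than from another malformed-input path, so a boundary pair (OID content of exactly 4096 bytes accepted, 4097 bytes rejected) would pin the limit itself. The three commented-out lines (`setExpectedException` and the `X509` load) should be removed or turned into real assertions, as the X509 path looks like the one applications actually exercise.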