Here is a minor issue with no security consequences (the description file is not usually under the control of an attacker).
With the specially crafted ASN.1 description attached to this message, using the current git version, the function _asn1_expand_object_id, at line 797, passes a null pointer as p4->value to the function _asn1_str_cat, which expects a pointer to a string:

http://git.savannah.gnu.org/cgit/libtasn1.git/tree/lib/parser_aux.c?id=a6e0a0b58f5cdaf4e9beca5bce69c09808cbb625#n797

The callstack at the point of the crash is:

stack: strlen :: lib/gstr.c:34 <-
       _asn1_str_cat :: lib/parser_aux.c:797 <-
       _asn1_expand_object_id :: ASN1.y:704 <-
       asn1_parser2tree :: src/asn1Decoding.c:155 <-
       main

The commandline to reproduce is:

src/asn1Decoding null_string.asn null_string.asn PKIX1.Certificate
null_string.asn
Is there an issue tracker that I could use for less urgent problems such as this one?

Pascal
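Added example, not part of the original message and not libtasn1 code: a simplified sketch of the failure mode in the report, where a node whose value pointer is NULL reaches a string-concatenation helper that calls strlen() on it. The types and names (ex_node, ex_str_cat, ex_expand_oid, the EX_* codes) are hypothetical stand-ins; the helper rejects a NULL source and the caller propagates an error instead of crashing.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical, simplified stand-ins; these are not libtasn1's real types. */
enum { EX_OK = 0, EX_VALUE_MISSING = 1, EX_TOO_LONG = 2 };

struct ex_node {
    const char *value;      /* may be NULL when the description omits it */
    struct ex_node *right;  /* next sibling in the identifier chain */
};

/* Bounded concatenation that refuses NULL instead of calling strlen() on it. */
static int ex_str_cat(char *dest, size_t dest_size, const char *src)
{
    if (dest == NULL || src == NULL)
        return EX_VALUE_MISSING;
    size_t used = strlen(dest);   /* dest is NUL-terminated within dest_size */
    size_t need = strlen(src);
    if (need >= dest_size - used) /* no room for src plus the terminator */
        return EX_TOO_LONG;
    memcpy(dest + used, src, need + 1);
    return EX_OK;
}

/* Join the values of a sibling chain as "a.b.c"; fail cleanly on a missing value. */
int ex_expand_oid(const struct ex_node *first, char *out, size_t out_size)
{
    if (out == NULL || out_size == 0)
        return EX_TOO_LONG;
    out[0] = '\0';
    for (const struct ex_node *p = first; p != NULL; p = p->right) {
        int rc;
        if (p != first && (rc = ex_str_cat(out, out_size, ".")) != EX_OK)
            return rc;
        if ((rc = ex_str_cat(out, out_size, p->value)) != EX_OK)
            return rc;  /* a NULL value is reported here, never dereferenced */
    }
    return EX_OK;
}

int main(void)
{
    /* Constructed sample: the middle node has no value, as in the report. */
    struct ex_node c = { "3", NULL }, b = { NULL, &c }, a = { "1", &b };
    char buf[32];
    return ex_expand_oid(&a, buf, sizeof buf) == EX_VALUE_MISSING ? 0 : 1;
}
```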
