libaacs | branch: refs/tags/0.3.0 | npzacs <[email protected]> | Sat Sep 24 15:29:43 2011 +0300| [d895e8c86a88a03db906a66dd0f083badbdf5a5d] | committer: npzacs
crypto_aacs_verify_cert(): check certificate length > http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=d895e8c86a88a03db906a66dd0f083badbdf5a5d --- src/libaacs/crypto.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/libaacs/crypto.c b/src/libaacs/crypto.c index 0c6601e..3328a9e 100644 --- a/src/libaacs/crypto.c +++ b/src/libaacs/crypto.c @@ -455,6 +455,12 @@ int crypto_aacs_verify_aacsla(const uint8_t *signature, const uint8_t *data, ui int crypto_aacs_verify_cert(const uint8_t *cert) { + if (MKINT_BE16(cert+2) != 0x5c) { + DEBUG(DBG_AACS|DBG_CRIT, "Certificate length is invalid (0x%04x), expected 0x005c\n", + MKINT_BE16(cert+2)); + return 0; + } + return crypto_aacs_verify_aacsla(cert + 52, cert, 52); } _______________________________________________ libaacs-devel mailing list [email protected] http://mailman.videolan.org/listinfo/libaacs-devel
