Re: ASN1_dup bug???

Sun, 11 Mar 2001 08:37:10 -0800 

Sven Heiberg wrote:
> 
> Hello!
> 
> a_dup.c contains following code.
> 
> 1>    i=(long)i2d(x,NULL);
> 2>    b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
> 3>    if (b == NULL)
> 4>        { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
> 5>    p= b;
> 6>    i=i2d(x,&p);
> 7>    p= b;
> 8>    ret=d2i(NULL,&p,i);
> 
> Note that on the line 1 length for der-encoded buffer is asked and stored
> into variable i. On the line 6 this variable i is modified again. This
> should be OK - Noone has modified the structure x inbetween and the return
> value of i2d should be same. In a real life this is not the case. For
> example following macros fail to work together:
> 
> M_ASN1_I2D_vars - sets variables r and ret zero
> 
> M_ASN1_I2D_len_EXP_opt - stores the length of der-buffer in variable ret
> 
> M_ASN1_I2D_put_EXP_opt - doesn't modify variables r and ret
> 
> M_ASN1_I2D_finish - returns value kept in variable r (this is not
> modified by previous macros and thus zero)
> 
> So one of the two is broken - those macros (asn1_mac.h) or a_dup.c
> 
> For my own purposes I rewrote line 6
> 
> 6> i2d(x, &p);
> 
> I have checked the length before once so no need to check it again.
> 

I agree that line 6 is redundant but there's been no obvious problems
with this before and ASN1_dup() has been about since SSLeay days. If the
length was set to a value smaller than the buffer then i2d() would fail
and ASN1_dup() would fail as well.

Although the *_put_* macros don't modify the len and ret variables that
doesn't matter because when you call an i2d function with a non NULL
buffer it goes through all the *_len_* macros again and should result in
the same length as calculated before.

I agree that that is inefficient and its one of the things which will
change at some point with the new ASN1 code.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to