VirtualBox

Changeset 74762 in vbox for trunk/src/VBox/Runtime/common


Ignore:
Timestamp:
Oct 11, 2018 11:28:34 AM (6 years ago)
Author:
vboxsync
Message:

IPRT/ldr/asn1/pkcs7: Ironed out issues in decoding indefinite ASN.1 length records and successfully verified the first Mach-O signature. bugref:9232

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/VBox/Runtime/common/asn1/asn1-cursor.cpp

    r74760 r74762  
    203203RTDECL(int) RTAsn1CursorCheckEnd(PRTASN1CURSOR pCursor)
    204204{
    205     if (pCursor->cbLeft == 0)
    206         return VINF_SUCCESS;
    207 
    208     if (pCursor->fFlags & RTASN1CURSOR_FLAGS_INDEFINITE_LENGTH)
    209     {
    210         /*
    211          * If we've got two zeros here we're good.  This helps us handle apple code
    212          * signatures, where most of the big structures are of indefinite length.
    213          * The problem here is when rtCrPkcs7ContentInfo_DecodeExtra works the
    214          * octet string, it appears as if there extra padding at the end.
    215          *
    216          * It is of course possible that ASN.1 assumes we will parse the content of
    217          * that octet string as if it were an ASN.1 substructure, looking for the
    218          * end-of-content sequence and propage that up.  However, this works for now.
    219          */
    220         if (pCursor->cbLeft >= 2)
    221         {
    222             if (   pCursor->pbCur[0] == 0
    223                 && pCursor->pbCur[1] == 0)
    224                 return VINF_SUCCESS;
    225             return RTAsn1CursorSetInfo(pCursor, VERR_ASN1_CURSOR_NOT_AT_END,
    226                                        "%u (%#x) bytes left over [indef: %.*Rhxs]",
    227                                        pCursor->cbLeft, pCursor->cbLeft, RT_MIN(pCursor->cbLeft, 16), pCursor->pbCur);
    228         }
     205    if (!(pCursor->fFlags & RTASN1CURSOR_FLAGS_INDEFINITE_LENGTH))
     206    {
     207        if (pCursor->cbLeft == 0)
     208            return VINF_SUCCESS;
    229209        return RTAsn1CursorSetInfo(pCursor, VERR_ASN1_CURSOR_NOT_AT_END,
    230                                    "%u (%#x) bytes left over [indef len]", pCursor->cbLeft, pCursor->cbLeft);
     210                                   "%u (%#x) bytes left over", pCursor->cbLeft, pCursor->cbLeft);
     211    }
     212
     213    /*
     214     * There must be exactly two zero bytes here.
     215     */
     216    if (pCursor->cbLeft == 2)
     217    {
     218        if (   pCursor->pbCur[0] == 0
     219            && pCursor->pbCur[1] == 0)
     220            return VINF_SUCCESS;
     221        return RTAsn1CursorSetInfo(pCursor, VERR_ASN1_CURSOR_NOT_AT_END,
     222                                   "%u (%#x) bytes left over [indef: %.*Rhxs]",
     223                                   pCursor->cbLeft, pCursor->cbLeft, RT_MIN(pCursor->cbLeft, 16), pCursor->pbCur);
    231224    }
    232225    return RTAsn1CursorSetInfo(pCursor, VERR_ASN1_CURSOR_NOT_AT_END,
    233                                "%u (%#x) bytes left over", pCursor->cbLeft, pCursor->cbLeft);
     226                               "%u (%#x) byte(s) left over, exepcted exactly two zero bytes [indef len]",
     227                               pCursor->cbLeft, pCursor->cbLeft);
    234228}
    235229
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette