lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Fix bug in calculation of maximum possible bytes

Browse Source 
Each DER-encoded OID byte can only store 7 bits of actual data, so take
account of that.

Calculate the number of bytes required as:

number_of_bytes = ceil(subidentifier_size * 8 / 7)

Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit is contained in:
David Horstmann
2023-06-02 15:32:20 +01:00
parent 02127ab022
commit 62e7fae109
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
library/oid.c
View File

@ -971,7 +971,14 @@ int mbedtls_oid_from_numeric_string(mbedtls_asn1_buf *oid,
if (num_dots == 0 || (num_dots > MBEDTLS_OID_MAX_COMPONENTS - 1)) { if (num_dots == 0 || (num_dots > MBEDTLS_OID_MAX_COMPONENTS - 1)) {
return MBEDTLS_ERR_ASN1_INVALID_DATA; return MBEDTLS_ERR_ASN1_INVALID_DATA;
} }
size_t max_possible_bytes = num_dots * sizeof(unsigned int); /* Each byte can store 7 bits, calculate number of bytes for a
* subidentifier:
*
* bytes = ceil(subidentifer_size * 8 / 7)
*/
size_t bytes_per_subidentifier = (((sizeof(unsigned int) * 8) - 1) / 7)
+ 1;
size_t max_possible_bytes = num_dots * bytes_per_subidentifier;
oid->p = mbedtls_calloc(max_possible_bytes, 1); oid->p = mbedtls_calloc(max_possible_bytes, 1);
if (oid->p == NULL) { if (oid->p == NULL) {
return MBEDTLS_ERR_ASN1_ALLOC_FAILED; return MBEDTLS_ERR_ASN1_ALLOC_FAILED;