-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bit_string
and bit_string_flags
decoders crash on some invalid inputs
#26
Comments
Thanks for the fix! Just tested it and it works like a charm! |
The range of unused bits is a pure bug: X.690:
Fixed here. The issue of partial last byte is more subtle. The canonical (and accurate) representation of bit strings is Of course the real problem is a lack of a proper custom type without the heroic 64-fold size blowup of Thanks for the report and the handy repro! |
CHANGES: * disallow various constructs as suggested by ITU-T Rec X.690 (by @pqwy) * redundant OID component forms (X.690 8.20.2) * redundant integer forms (X.690 8.3.2) * empty integer (X.690 8.3.1, reported in mirleft/ocaml-asn1-combinators#23 by @emillon) * constructed strings in DER * deeper implict -> explicit over choice (follow-up to v0.2.0 entry, by @pqwy) * handle long-form length overflow (reported in mirleft/ocaml-asn1-combinators#24 by @emillon, fixed by @pqwy) * disallow primitive with indefinite length (introduced in the bugfix above, reported by @emillon, fixed in mirleft/ocaml-asn1-combinators#32 by @hannesm) * disallow nonsensical bitstring unused values (X690 8.6.2, reported in mirleft/ocaml-asn1-combinators#26 by @NathanReb, fixed by @pqwy) * fix non-continuous bit_string_flags (X680 22.6, reported in mirleft/ocaml-asn1-combinators#25 by @wiml, fixed by @pqwy) * use Alcotest instead of oUnit for unit tests (by @pqwy) * use dune as build system (by @pqwy, superseeds mirleft/ocaml-asn1-combinators#22) * use bigarray-compat (mirleft/ocaml-asn1-combinators#27 by @TheLortex) and stdlib-shims (mirleft/ocaml-asn1-combinators#29 by @XVilka) * raise lower bound to OCaml 4.05.0 (mirleft/ocaml-asn1-combinators#31 by @hannesm)
thanks for the report, this has been fixed and is now part of the 0.2.1 release. |
I recently stumbled upon a bug. A
bit_string
or abit_string_flag
decoder seem to fail on some invalid inputs with anInvalid_argument "Array.init"
instead of returning a parsing error. Running those simple examples should reproduce the issue:or
The crash seems to happen when the first octet specifying the number of insignificant bits in the last octet has an inconsistent value per se or given the rest of the bit string.
Trying to decode
0x030101
will fail same as0x03036a0303
.Note that the
bit_string_cs
isn't affected by the bug in the sense that it doesn't result in a crash but just returns whatever the bit string contains without the first octet encoding the insignificant bits.This might not be the best behaviour. I'm guessing most people use the
bit_string_cs
in places where the first octet is always0x00
such as in X509 SubjectPublicKeyInfo so they shouldn't be affected but it does seem a bit unsafe to just discard the first octet in those cases if it's not0x00
.I guess a decent alternative would be to add an
(int * Cstruct.t) Asn.S.t
with theint
being the number of insignificant bits in the last octet of theCstruct.t
.bit_string_cs
could then be built on top of that and check that the first element is0
.I'm of course happy to help by providing any further detail you'd need or even a patch.
The text was updated successfully, but these errors were encountered: