-
Notifications
You must be signed in to change notification settings - Fork 554
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SEQUENCE OF/SET OF generate infinite loop in constraint check (again!) #379
Comments
@robstradling could you please provide a simple/small reproducer? |
@mouse07410 Please take a look at https://github.com/certlint/certlint. It's an X.509 certificate linter written in Ruby, which incorporates a C library (asn1validator.so) that's largely autogenerated by asn1c. https://github.com/certlint/certlint/tree/master/ext/README provides instructions (including applying the patch from this PR) for building asn1validator.so. |
Oh, so the asn1c code is used in a package that makes this behavior manifested. I was thinking of a small C program (ideally, less than 100 lines of code) with a set of ASN.1 files (presumably from PKIX) that would demonstrate this hangup. Building and debugging a Ruby app sounds less enticing... :-( And in its current form, I can't even apply this patch, because it breaks the existing CI. |
Patch accepted, thank you! |
Thanks @vlm ! |
It looks like 14e75ed caused a regression w.r.t. dfc9314.
I'm seeing exactly the same behaviour (infinite loop) as described in #195 when trying to check the constraints for a PKIX SubjectAltName.
The text was updated successfully, but these errors were encountered: