We do here like in all other decoder implementations, drop all errors
that were caused by a failing asn1_d2i_read_bio(), as it's most likely
to mean that the input isn't DER, and another decoder implementation,
if there is any left, should have a go.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/15008)
*/
BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
BUF_MEM *mem = NULL;
- int err, ok;
+ int ok;
if (in == NULL)
return 0;
ERR_set_mark();
ok = (asn1_d2i_read_bio(in, &mem) >= 0);
- /*
- * Prune low-level ASN.1 parse errors from error queue, assuming that
- * this is called by decoder_process() in a loop trying several formats.
- */
- if (!ok) {
- err = ERR_peek_last_error();
- if (ERR_GET_LIB(err) == ERR_LIB_ASN1
- && (ERR_GET_REASON(err) == ASN1_R_HEADER_TOO_LONG
- || ERR_GET_REASON(err) == ASN1_R_UNSUPPORTED_TYPE
- || ERR_GET_REASON(err) == ERR_R_NESTED_ASN1_ERROR
- || ERR_GET_REASON(err) == ASN1_R_NOT_ENOUGH_DATA)) {
- ERR_pop_to_mark();
- } else {
- ERR_clear_last_mark();
- goto end;
- }
+ ERR_pop_to_mark();
+ if (!ok && mem != NULL) {
+ OPENSSL_free(mem->data);
+ OPENSSL_free(mem);
+ mem = NULL;
}
ok = 1;
OPENSSL_free(mem->data);
OPENSSL_free(mem);
}
- end:
BIO_free(in);
return ok;
}
projects / thirdparty / openssl.git / commitdiff
