From: Richard Levitte <levitte@openssl.org>
Date: Sat, 20 Mar 2021 08:09:40 +0000 (+0100)
Subject: ASN1: Reset the content dump flag after dumping
X-Git-Tag: OpenSSL_1_1_1k~9
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ffefffa000437da5703dd8a173386623304b055d;p=thirdparty%2Fopenssl.git

ASN1: Reset the content dump flag after dumping

When encountering a badly coded item, the DER printer (ASN1_print_dump())
sets a flag to ensure that an additional hex dump of the offending content
is printed as part of the output.  Unfortunately, this flag is never reset,
which means that all following items are printed with the extra hex dump,
whether they are faulty or not.

Resetting the flag after hex dumping ensures that only the faulty contents
are printed with the additional hex dump.

Fixes #14626

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14627)

(cherry picked from commit 6e34a1048ce4871371eac224b995c3b4338f6166)
---

diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
index 3f10c7cb94c..d45f810bce0 100644
--- a/crypto/asn1/asn1_par.c
+++ b/crypto/asn1/asn1_par.c
@@ -325,6 +325,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
                 }
                 if (BIO_puts(bp, "]") <= 0)
                     goto end;
+                dump_cont = 0;
             }
 
             if (!nl) {