From: Alberto Leiva Popper Date: Tue, 6 Aug 2024 16:35:14 +0000 (-0600) Subject: Prevent crash on missing signedAttrs X-Git-Tag: 1.6.3~5 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=4dafbd9de64a5a0616af97365bc1751465b29d2e;p=thirdparty%2FFORT-validator.git Prevent crash on missing signedAttrs Though RPKI enforces the presence of this field, it is very much optional in CMS. Also adds missing validation messages in relevant error paths. Thanks to Niklas Vogel for reporting this. --- diff --git a/src/asn1/signed_data.c b/src/asn1/signed_data.c index 41ebf911..0d74bf16 100644 --- a/src/asn1/signed_data.c +++ b/src/asn1/signed_data.c @@ -468,30 +468,32 @@ get_content_type_attr(struct SignedData *sdata, OBJECT_IDENTIFIER_t **result) bool equal; if (sdata == NULL) - return -EINVAL; + return pr_val_err("SignedData is NULL."); if (sdata->signerInfos.list.array == NULL) - return -EINVAL; + return pr_val_err("SignerInfos array is NULL."); if (sdata->signerInfos.list.array[0] == NULL) - return -EINVAL; + return pr_val_err("SignerInfos array first element is NULL."); signedAttrs = sdata->signerInfos.list.array[0]->signedAttrs; + if (signedAttrs == NULL) + return pr_val_err("signedAttrs is NULL."); if (signedAttrs->list.array == NULL) - return -EINVAL; + return pr_val_err("signedAttrs array is NULL."); for (i = 0; i < signedAttrs->list.count; i++) { attr = signedAttrs->list.array[i]; if (!attr) - return -EINVAL; + return pr_val_err("signedAttrs array element %d is NULL.", i); error = oid2arcs(&attr->attrType, &arcs); if (error) - return -EINVAL; + return error; equal = ARCS_EQUAL_OIDS(&arcs, oid_cta); free_arcs(&arcs); if (equal) { if (attr->attrValues.list.array == NULL) - return -EINVAL; + return pr_val_err("signedAttrs attrValue array is NULL."); if (attr->attrValues.list.array[0] == NULL) - return -EINVAL; + return pr_val_err("signedAttrs attrValue array first element is NULL."); return asn1_decode_any(attr->attrValues.list.array[0], &asn_DEF_OBJECT_IDENTIFIER, (void **) result, true);