RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 05:57:44 +00:00
Code Issues Activity Actions

LibCrypto+LibTLS: Avoid crashing on invalid input

Browse source 
Fixes #18307.
This commit is contained in:
Ben Wiederhake 2023-05-07 14:20:46 +02:00 committed by Andreas Kling
parent f37f081f15
commit ac5cef1b66
2 changed files with 6 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Userland/Libraries/LibTLS/Certificate.cpp
View file

@ -365,10 +365,10 @@ static ErrorOr<SubjectPublicKey> parse_subject_public_key_info(Crypto::ASN1::Dec
READ_OBJECT(BitString, Crypto::ASN1::BitStringView, value);
POP_SCOPE();
public_key.raw_key = TRY(ByteBuffer::copy(value.raw_bytes()));
public_key.raw_key = TRY(ByteBuffer::copy(TRY(value.raw_bytes())));
if (public_key.algorithm.identifier.span() == rsa_encryption_oid.span()) {
auto key = Crypto::PK::RSA::parse_rsa_key(value.raw_bytes());
auto key = Crypto::PK::RSA::parse_rsa_key(TRY(value.raw_bytes()));
if (!key.public_key.length()) {
return Error::from_string_literal("Invalid RSA key");
}
@ -773,7 +773,7 @@ ErrorOr<Certificate> Certificate::parse_certificate(ReadonlyBytes buffer, bool)
PUSH_SCOPE("signature"sv);
READ_OBJECT(BitString, Crypto::ASN1::BitStringView, signature);
certificate.signature_value = TRY(ByteBuffer::copy(signature.raw_bytes()));
certificate.signature_value = TRY(ByteBuffer::copy(TRY(signature.raw_bytes())));
POP_SCOPE();
if (!decoder.eof()) {