From 7b64528cf7ba87e803a3ed29c8ca877e88796e24 Mon Sep 17 00:00:00 2001 From: Dave Pate Date: Tue, 22 Jan 2019 13:59:06 -0800 Subject: [PATCH] lib: check tlv length encoding when reading complex data --- lib/util.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/util.c b/lib/util.c index de4caf9..3d4384c 100644 --- a/lib/util.c +++ b/lib/util.c @@ -1457,6 +1457,11 @@ static ykpiv_rc _get_metadata_item(uint8_t *data, size_t cb_data, uint8_t tag, u while (p_temp < (data + cb_data)) { tag_temp = *p_temp++; + + if (!_ykpiv_has_valid_length(p_temp, (data + cb_data - p_temp))) { + return YKPIV_SIZE_ERROR; + } + p_temp += _ykpiv_get_length(p_temp, &cb_temp); if (tag_temp == tag) {