Limit extracted size of DER sequence data

This change limits the size of extracted DER sequences to the size given in the sequence's length field.

Limit extracted size of DER sequence data
This change limits the size of extracted DER sequences to the size given in the sequence's length field.
b8f355b0 · BenBE · GitHub · 4e6c3063 · b8f355b0
Commit b8f355b0 authored Jun 18, 2017 by BenBE Committed by GitHub Jun 18, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

crypto src/binwalk/magic/crypto +2 -0

No files found.
--- a/src/binwalk/magic/crypto
+++ b/src/binwalk/magic/crypto
@@ -28,11 +28,13 @@
 >4      string          !\x02\x01\x00   {invalid}
 >2      beshort         <0              {invalid}
 >2      beshort         x               header length: 4, sequence length: %d
+>2      beshort+4       x               {size:%d}

 0       string          \x30\x82        Certificate in DER format (x509 v3),
 >4      string          !\x30\x82       {invalid}
 >2      beshort         <0              {invalid}
 >2      beshort         x               header length: 4, sequence length: %d
+>2      beshort+4       x               {size:%d}

 # GnuPG
 # The format is very similar to pgp