More strict DER-compliance checking on the ASN.1 INTEGER, BIT STRING and BOOLEAN field types

NEW
Assigned to

Status

4 years ago
4 years ago

People

(Reporter: jcj, Assigned: jcj)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

4 years ago
This is a follow-on to bug 1064670, particularly the comments by Brian Smith.

Decoding of INTEGER, BIT STRING and BOOLEAN in quickder.c is too permissive; for example, BOOLEAN may only be 0xFF or 0x00, yet the current decoder doesn't check. 

This bug is to carry capture the changes from what was first "part 2" of bug 1064670.
You need to log in before you can comment on or make changes to this bug.