From bfc0f242eee71acf8123eea8abd84d4409bbe193 Mon Sep 17 00:00:00 2001
From: leitner <leitner>
Date: Mon, 21 Apr 2014 14:42:24 +0000
Subject: [PATCH] fix off by one in int parsing

---
 printasn1.c        |  4 ++--
 scan_asn1rawint.c  |  2 +-
 scan_certificate.c | 23 +++++++++++++----------
 3 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/printasn1.c b/printasn1.c
index 1b62f7b..4bcf214 100644
--- a/printasn1.c
+++ b/printasn1.c
@@ -81,8 +81,8 @@ void printasn1(const char* buf,const char* max) {
       } else if (tag==OBJECT_IDENTIFIER) {
 	struct oid o;
 	size_t mlen;
-	size_t fnord[100];
-	o.l=100;
+	size_t fnord[1000];
+	o.l=1000;
 	o.a=fnord;
 	mlen=scan_asn1rawoid(buf,buf+len,o.a,&o.l);
 	if (mlen) {
diff --git a/scan_asn1rawint.c b/scan_asn1rawint.c
index 81e456c..375da1d 100644
--- a/scan_asn1rawint.c
+++ b/scan_asn1rawint.c
@@ -12,7 +12,7 @@ size_t scan_asn1rawint(const char* src,const char* max,size_t len,long* l) {
     if (len>sizeof(m)+1) return 0;	// value too large, does not fit
   } else
     if (len>sizeof(m)) return 0;	// value too large, does not fit
-  if (src+len>=max) return 0;		// input buffer not sufficient
+  if (src+len>max) return 0;		// input buffer not sufficient
   for (i=0; i<len; ++i) {
     m=(m<<8)|(unsigned char)src[i];
   }
diff --git a/scan_certificate.c b/scan_certificate.c
index 6107782..9a0cc85 100644
--- a/scan_certificate.c
+++ b/scan_certificate.c
@@ -32,10 +32,6 @@ struct rsaprivatekey {
   size_t* freewhendone;
 };
 
-struct dsaprivatekey {
-}
-
-
 void printasn1(const char* buf,const char* max);
 
 static int findindn(struct string* dn,enum x509_oid id,struct string* dest) {
@@ -175,8 +171,8 @@ size_t scan_certificate(const char* cert, size_t l, struct x509cert* C, char** f
     unsigned long tagforversion;	// must be 0
     unsigned long version;
     struct string oidalg,algparams,pubkeyalg,extensions,oidsig,sigrest,sigdata;
-    size_t i;
-    if (scan_asn1generic(cert,cert+l,"{{ci]i{o!}{!}{uu}{!}{!}!}{o!}b}",
+    size_t n,i;
+    if ((n=scan_asn1generic(cert,cert+l,"{{ci]i{o!}{!}{uu}{!}{!}!}{o!}b}",
 			 &tagforversion,
 			 &version,
 			 &C->serial,
@@ -186,7 +182,7 @@ size_t scan_certificate(const char* cert, size_t l, struct x509cert* C, char** f
 			 &C->subject,
 			 &pubkeyalg,
 			 &extensions,
-			 &oidsig, &sigrest, &sigdata)) {
+			 &oidsig, &sigrest, &sigdata))) {
 
       if (version==0)
 	printf("X.509 certificate\n");
@@ -304,11 +300,14 @@ size_t scan_certificate(const char* cert, size_t l, struct x509cert* C, char** f
 	  printf("could not parse public key part!\n");
       }
 
+      return n;
+
+    } else {
+      printasn1(cert,cert+l);
+      return 0;
     }
   }
 
-//  printasn1(cert,cert+l);
-
 }
 
 #include "mmap.h"
@@ -318,7 +317,7 @@ size_t scan_certificate(const char* cert, size_t l, struct x509cert* C, char** f
 
 int main(int argc,char* argv[]) {
   char* freewhendone;
-  char* buf;
+  const char* buf;
   size_t l,n;
   struct x509cert c;
   struct rsaprivatekey k;
@@ -327,12 +326,16 @@ int main(int argc,char* argv[]) {
   if (!buf) { puts("test.pem not found"); return 1; }
 
   n=scan_certificate(buf,l,&c,&freewhendone);
+  if (!n)
+    printf("failed to parse certificate\n");
   free(freewhendone);
 
   buf=mmap_read(argc>1?argv[1]:"privatekey.pem",&l);
   if (!buf) { puts("privatekey.pem not found"); return 1; }
 
   n=scan_rsaprivatekey(buf,l,&k,&freewhendone);
+  if (!n)
+    printf("failed to parse rsa private key\n");
   free(freewhendone);
   free(k.freewhendone);
 }