diff options
author | Kenny Root <kenny@the-b.org> | 2015-12-25 20:16:23 -0600 |
---|---|---|
committer | Kenny Root <kenny@the-b.org> | 2015-12-25 20:30:55 -0600 |
commit | 1bd5343e71b7ebd09aabaebba282227a7786e5ba (patch) | |
tree | 19abd9c56bcf658286b1db7739c760627c93dd2e /sshlib/src/main/java/com/trilead/ssh2/crypto | |
parent | 39aef25501455b50fff7e0cb3ddf5399ab4bfc29 (diff) | |
download | sshlib-1bd5343e71b7ebd09aabaebba282227a7786e5ba.tar.gz sshlib-1bd5343e71b7ebd09aabaebba282227a7786e5ba.tar.bz2 sshlib-1bd5343e71b7ebd09aabaebba282227a7786e5ba.zip |
Add length check with test
Diffstat (limited to 'sshlib/src/main/java/com/trilead/ssh2/crypto')
-rw-r--r-- | sshlib/src/main/java/com/trilead/ssh2/crypto/SimpleDERReader.java | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sshlib/src/main/java/com/trilead/ssh2/crypto/SimpleDERReader.java b/sshlib/src/main/java/com/trilead/ssh2/crypto/SimpleDERReader.java index ff8112a..beca5f7 100644 --- a/sshlib/src/main/java/com/trilead/ssh2/crypto/SimpleDERReader.java +++ b/sshlib/src/main/java/com/trilead/ssh2/crypto/SimpleDERReader.java @@ -68,7 +68,8 @@ public class SimpleDERReader return count; } - private int readLength() throws IOException + /* visible for testing */ + int readLength() throws IOException { int len = readByte() & 0xff; @@ -79,6 +80,8 @@ public class SimpleDERReader if (remain == 0) return -1; + else if (remain > 4) + return -1; len = 0; @@ -89,6 +92,9 @@ public class SimpleDERReader remain--; } + if (len < 0) + return -1; + return len; } |