From 70153dd363e0cc12ef201ca4c1b2cef04dea6b5d Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Sat, 2 Apr 2016 13:03:05 -0400
Subject: Handle two more error conditions correctly

* Handle two more error conditions correctly

* fixed test case
---
 src/cryptography/hazmat/primitives/serialization.py | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src')

diff --git a/src/cryptography/hazmat/primitives/serialization.py b/src/cryptography/hazmat/primitives/serialization.py
index 5c166c89..d848e5d4 100644
--- a/src/cryptography/hazmat/primitives/serialization.py
+++ b/src/cryptography/hazmat/primitives/serialization.py
@@ -127,7 +127,13 @@ def _read_next_string(data):
 
     While the RFC calls these strings, in Python they are bytes objects.
     """
+    if len(data) < 4:
+        raise ValueError("Key is not in the proper format")
+
     str_len, = struct.unpack('>I', data[:4])
+    if len(data) < str_len + 4:
+        raise ValueError("Key is not in the proper format")
+
     return data[4:4 + str_len], data[4 + str_len:]
 
 
-- 
cgit v1.2.3