diff options
| author | android-build-team Robot <android-build-team-robot@google.com> | 2017-05-25 18:21:22 +0000 |
|---|---|---|
| committer | android-build-team Robot <android-build-team-robot@google.com> | 2017-05-25 18:21:22 +0000 |
| commit | 2675882fa801b908a44057b0c6d72c78b1766530 (patch) | |
| tree | f7665dd7b34aa5368957a3874d165272f2075ff3 | |
| parent | c82cdce489607ddc8a67396890b258acb8592a0c (diff) | |
| parent | 2209bdc716c1e587f2c71d6244d78187827e9abe (diff) | |
| download | boringssl-nougat-mr1.1-release.tar.gz | |
Merge cherrypicks of [2315914, 2315916, 2315837, 2315963, 2315918, 2315814, 2315983, 2315964, 2316107, 2316086, 2316109, 2315977, 2316145, 2316016, 2316110, 2316221, 2316088, 2316210, 2316242, 2316222, 2316075, 2316076, 2316077, 2316089, 2316243, 2316183, 2316078, 2316112, 2316211, 2316149, 2316113, 2316212, 2316151, 2316215, 2316131, 2316115, 2316245, 2316216, 2316116, 2316217, 2316279, 2316186, 2316187, 2316246, 2316247, 2316249, 2316218, 2316092, 2316094, 2316323, 2316360, 2316379] into nyc-mr1-security-a-releaseandroid-7.1.1_r54android-7.1.1_r51android-7.1.1_r47android-7.1.1_r44nougat-mr1.1-release
Change-Id: Ib1188b3433a6ee43e1b3ec92347282291b3a6c68
| -rw-r--r-- | src/crypto/asn1/a_d2i_fp.c | 46 |
1 files changed, 31 insertions, 15 deletions
diff --git a/src/crypto/asn1/a_d2i_fp.c b/src/crypto/asn1/a_d2i_fp.c index 97ec75b5..af03bc0c 100644 --- a/src/crypto/asn1/a_d2i_fp.c +++ b/src/crypto/asn1/a_d2i_fp.c @@ -140,6 +140,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) #endif #define HEADER_SIZE 8 +#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024) static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) { BUF_MEM *b; @@ -231,6 +232,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) want=c.slen; if (want > (len-off)) { + size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE; want-=(len-off); if (want > INT_MAX /* BIO_read takes an int length */ || len+want < len) @@ -238,23 +240,37 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) OPENSSL_PUT_ERROR(ASN1, ASN1_R_TOO_LONG); goto err; } - if (!BUF_MEM_grow_clean(b,len+want)) - { - OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); - goto err; - } while (want > 0) { - i=BIO_read(in,&(b->data[len]),want); - if (i <= 0) - { - OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); - goto err; - } - /* This can't overflow because - * |len+want| didn't overflow. */ - len+=i; - want-=i; + + /* + * Read content in chunks of increasing size + * so we can return an error for EOF without + * having to allocate the entire content length + * in one go. + */ + size_t chunk = want > chunk_max ? chunk_max : want; + + if (!BUF_MEM_grow_clean(b, len + chunk)) { + OPENSSL_PUT_ERROR(ASN1, ERR_R_MALLOC_FAILURE); + goto err; + } + want -= chunk; + while (chunk > 0) { + i = BIO_read(in, &(b->data[len]), chunk); + if (i <= 0) { + OPENSSL_PUT_ERROR(ASN1, ASN1_R_NOT_ENOUGH_DATA); + goto err; + } + /* + * This can't overflow because |len+want| didn't + * overflow. + */ + len += i; + chunk -= i; + } + if (chunk_max < INT_MAX/2) + chunk_max *= 2; } } if (off + c.slen < off) |