You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
blob_parse_untrusted(), as written, requires that the buffer length be exactly the same of the first blob inside it, the buffer being the memory area of size //attr_len//, pointed to by //attr//.
This can work if that input buffer contains exactly a single blob (which recursively contains other blobs, maybe). But it certainly does not work if there is any padding at the end of the buffer (thus //attr_len > blob_raw_len(attr)//), or if the buffer contains a series of blobs "back-to-back" (like an ucert chain seems to be defined to be).
Just removing the code block below (or adjusting it to use len > attr_len):
len = blob_raw_len(attr);
if (len != attr_len)
return 0;
Won't fix it, because blob_for_each_attr_len() does not actually walk a series of back-to-back blobs anyway (it never updates //attr// and //attr_len//).
So, what is actually the intended usage for this stuff? This really wants to be documented, there is no high-level "what this is supposed to be used for" documentation anywhere in blob.h or blob.c, let alone a proper documentation of every exported function in blob.h/blob.c :-(
Anyway, what ucert -A is doing is incompatible with blob_parse() and also blob_parse_untrusted(), since it wants to deal with a series of blobs back-to-back, and not a single blob that contains other blobs.
The text was updated successfully, but these errors were encountered:
hmh:
blob_parse_untrusted(), as written, requires that the buffer length be exactly the same of the first blob inside it, the buffer being the memory area of size //attr_len//, pointed to by //attr//.
This can work if that input buffer contains exactly a single blob (which recursively contains other blobs, maybe). But it certainly does not work if there is any padding at the end of the buffer (thus //attr_len > blob_raw_len(attr)//), or if the buffer contains a series of blobs "back-to-back" (like an ucert chain seems to be defined to be).
Just removing the code block below (or adjusting it to use len > attr_len):
len = blob_raw_len(attr);
if (len != attr_len)
return 0;
Won't fix it, because blob_for_each_attr_len() does not actually walk a series of back-to-back blobs anyway (it never updates //attr// and //attr_len//).
So, what is actually the intended usage for this stuff? This really wants to be documented, there is no high-level "what this is supposed to be used for" documentation anywhere in blob.h or blob.c, let alone a proper documentation of every exported function in blob.h/blob.c :-(
Anyway, what ucert -A is doing is incompatible with blob_parse() and also blob_parse_untrusted(), since it wants to deal with a series of blobs back-to-back, and not a single blob that contains other blobs.
The text was updated successfully, but these errors were encountered: