Chromium Code Reviews

Unified Diff: net/cert/internal/parse_certificate.cc

Issue 2341943002: Add error details to TBSCertificate parsing function and tests. (Closed)
Patch Set: fix fuzzer compile Created 4 years, 3 months ago
Index: net/cert/internal/parse_certificate.cc
diff --git a/net/cert/internal/parse_certificate.cc b/net/cert/internal/parse_certificate.cc
index c888d73e3e7cbc64e9a830859fa363ef2510ee1e..291e91c28bfde0c58d65fb920eae072c6966b631 100644
--- a/net/cert/internal/parse_certificate.cc
+++ b/net/cert/internal/parse_certificate.cc
@@ -30,6 +30,9 @@ DEFINE_CERT_ERROR_ID(
DEFINE_CERT_ERROR_ID(kSignatureValueNotBitString,
"Couldn't read Certificate.signatureValue as BIT STRING");
+DEFINE_CERT_ERROR_ID(kUnconsumedDataInsideTbsCertificateSequence,
+ "Unconsumed data inside TBSCertificate");
+
// Returns true if |input| is a SEQUENCE and nothing else.
WARN_UNUSED_RESULT bool IsSequenceTLV(const der::Input& input) {
der::Parser parser(input);
@@ -258,7 +261,16 @@ bool ParseCertificate(const der::Input& certificate_tlv,
// }
bool ParseTbsCertificate(const der::Input& tbs_tlv,
const ParseCertificateOptions& options,
- ParsedTbsCertificate* out) {
+ ParsedTbsCertificate* out,
+ CertErrors* errors) {
+ // The rest of this function assumes that |errors| is non-null.
+ if (!errors) {
+ CertErrors unused_errors;
+ return ParseTbsCertificate(tbs_tlv, options, out, &unused_errors);
+ }
+
+ // TODO(crbug.com/634443): Add useful error information to |errors|.
+
der::Parser parser(tbs_tlv);
// Certificate ::= SEQUENCE {
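Review bot: The null guard at the top of ParseTbsCertificate makes a null |errors| part of the function's contract, so the declaration in parse_certificate.h should state that |errors| may be null and that the errors are discarded in that case. The TODO(crbug.com/634443) also indicates that failure paths do not yet add anything useful to |errors|, so until it is resolved a caller can get false with an empty |errors|; a short comment saying that callers must rely on the return value, not on whether |errors| is empty, would prevent misuse.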
@@ -374,8 +386,10 @@ bool ParseTbsCertificate(const der::Input& tbs_tlv,
// However because only v1, v2, and v3 certificates are supported by the
// parsing, there shouldn't be any subsequent data in those versions, so
// reject.
- if (tbs_parser.HasMore())
+ if (tbs_parser.HasMore()) {
+ errors->AddError(kUnconsumedDataInsideTbsCertificateSequence);
return false;
+ }
// By definition the input was a single TBSCertificate, so there shouldn't be
// unconsumed data.
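Review bot: Only the tbs_parser.HasMore() rejection gets an error here, while the context comment that follows ("By definition the input was a single TBSCertificate, so there shouldn't be unconsumed data.") introduces a second unconsumed-data check that this hunk leaves untouched. If that path also returns false, consider adding a distinct error ID for it in the same change, so that the two kinds of trailing data are both reported and can be told apart in tests.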