v1.1.8: bugfix increase incorrect loop limit for eager parsing

v1.1.7: bugfix (non-fatal) false positive error message
v1.1.6: bugfix nesting error check
2019-03-02 13:19:18 -07:00 · 2018-12-16 23:58:18 -07:00 · 2018-12-16 23:12:06 -07:00
2 changed files with 10 additions and 6 deletions
--- a/asn1-parser.js
+++ b/asn1-parser.js
@ -17,9 +17,12 @@ var PEM = exports.PEM;
 // Parser
 //
-ASN1.ELOOPN = 20; // I've seen 9 max in https certificates
+// Although I've only seen 9 max in https certificates themselves,
 // but each domain list could have up to 100
 ASN1.ELOOPN = 102;
 ASN1.ELOOP = "uASN1.js Error: iterated over " + ASN1.ELOOPN + "+ elements (probably a malformed file)";
-ASN1.EDEEPN = 60; // I've seen 29 deep in https certificates
+// I've seen https certificates go 29 deep
 ASN1.EDEEPN = 60;
 ASN1.EDEEP = "uASN1.js Error: element nested " + ASN1.EDEEPN + "+ layers deep (probably a malformed file)";
 // Container Types are Sequence 0x30, Container Array? (0xA0, 0xA1)
 // Value Types are Boolean 0x01, Integer 0x02, Null 0x05, Object ID 0x06, String 0x0C, 0x16, 0x13, 0x1e Value Array? (0x82)
@ -29,7 +32,7 @@ ASN1.CTYPES = [ 0x30, 0x31, 0xa0, 0xa1 ];
 ASN1.VTYPES = [ 0x01, 0x02, 0x05, 0x06, 0x0c, 0x82 ];
 ASN1.parse = function parseAsn1Helper(buf) {
  //var ws = '  ';
-  function parseAsn1(buf, depth) {
+  function parseAsn1(buf, depth, eager) {
    if (depth.length >= ASN1.EDEEPN) { throw new Error(ASN1.EDEEP); }
    var index = 2; // we know, at minimum, data starts after type (0) and lengthSize (1)
@ -66,7 +69,8 @@ ASN1.parse = function parseAsn1Helper(buf) {
      while (iters < ASN1.ELOOPN && index < (2 + asn1.length + asn1.lengthSize)) {
        iters += 1;
        depth.length += 1;
-        child = parseAsn1(buf.slice(index, index + adjustedLen), depth);
+        child = parseAsn1(buf.slice(index, index + adjustedLen), depth, eager);
        depth.length -= 1;
        // The numbers don't match up exactly and I don't remember why...
        // probably something with adjustedLen or some such, but the tests pass
        index += (2 + child.lengthSize + child.length);
@ -91,7 +95,7 @@ ASN1.parse = function parseAsn1Helper(buf) {
    }
    // Recurse into types that are _always_ containers
-    if (-1 !== ASN1.CTYPES.indexOf(asn1.type)) { return parseChildren(); }
+    if (-1 !== ASN1.CTYPES.indexOf(asn1.type)) { return parseChildren(eager); }
    // Return types that are _always_ values
    asn1.value = buf.slice(index, index + adjustedLen);
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "asn1-parser",
-  "version": "1.1.5",
+  "version": "1.1.8",
  "description": "An ASN.1 parser in less than 100 lines of Vanilla JavaScript, part of the Bluecrypt suite.",
  "homepage": "https://git.coolaj86.com/coolaj86/asn1-parser.js",
  "main": "asn1-parser.js",
Author	SHA1	Message	Date
AJ ONeal	9511f1e130	v1.1.8: bugfix increase incorrect loop limit for eager parsing	2019-03-02 13:19:18 -07:00
AJ ONeal	9563ffc259	v1.1.7: bugfix (non-fatal) false positive error message	2018-12-16 23:58:18 -07:00
AJ ONeal	5c81c5d49f	v1.1.6: bugfix nesting error check	2018-12-16 23:12:06 -07:00