Cypherpunks repositories - gostls13.git/commit

author	David Benjamin <davidben@google.com>
	Tue, 5 Jan 2016 00:16:28 +0000 (16:16 -0800)
committer	Russ Cox <rsc@golang.org>
	Wed, 6 Jan 2016 01:41:27 +0000 (01:41 +0000)
commit	7f96e266ec684943acfc1164a18d2cf005e03ef6
tree	2407d2b25c3a66f48ae54a7d336049b8d54872ec	tree
parent	ace1738f9c1ad3d351c49cb9ca0811334a24585f	commit \| diff

encoding/asn1: fix off-by-one in parseBase128Int.

parseBase128Int compares |shifted| with four, seemingly to ensure the result
fits in an int32 on 32-bit platforms where int is 32-bit. However, there is an
off-by-one in this logic, so it actually allows five shifts, making the maximum
tag number or OID component 2^35-1.

Fix this so the maximum is 2^28-1 which should be plenty for OID components and
tag numbers while not overflowing on 32-bit platforms.

Change-Id: If825b30cc53a0fc08e68ea1a24d265e7eb1a13a4
Reviewed-on: https://go-review.googlesource.com/18225
Reviewed-by: Adam Langley <agl@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>

src/encoding/asn1/asn1.go		diff \| blob \| history
src/encoding/asn1/asn1_test.go		diff \| blob \| history