[Date Prev][Date Next]
Re: (ITS#6215) liblber problems
Fixed the above, including malformed bitstrings and set/sequences.
Need decision on decode(bad INTEGER/BOOLEAN) and encode(bad tag):
> - decode.c is quite lax about what it accepts. Should we tighten
> that when feasible, or remain "liberal in what we accept"?
> E.g. it accepts BER INTEGER length 0 and BOOLEAN length != 1, and
> wrong CONSTRUCTED/PRIMITIVE encoding bit.
> - encode.c willingly stores broken identifier octets if passed an
> invalid tag, e.g. a single octet with low bits 0x1F implying long tag
> format. I'm inclined to leave that alone, caller's responsibility.
I'll export the new function ber_peek_element(). And if nobody
disagrees, the matching function ber_skip_element() even though
that is nearly a duplicate of ber_get_stringbv(,, LBER_BV_NOTERM).