diff options
Diffstat (limited to 'vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php')
-rw-r--r-- | vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php b/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php index fb2d64485..dba99de73 100644 --- a/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php +++ b/vendor/phpseclib/phpseclib/phpseclib/File/ASN1.php @@ -144,6 +144,16 @@ class ASN1 var $filters; /** + * Current Location of most recent ASN.1 encode process + * + * Useful for debug purposes + * + * @var array + * @see self::encode_der() + */ + var $location; + + /** * Type mapping table for the ANY type. * * Structured or unknown types are mapped to a \phpseclib\File\ASN1\Element. @@ -1166,6 +1176,11 @@ class ASN1 $oid = array(); $pos = 0; $len = strlen($content); + // see https://github.com/openjdk/jdk/blob/2deb318c9f047ec5a4b160d66a4b52f93688ec42/src/java.base/share/classes/sun/security/util/ObjectIdentifier.java#L55 + if ($len > 4096) { + //user_error('Object Identifier size is limited to 4096 bytes'); + return false; + } if (ord($content[$len - 1]) & 0x80) { return false; @@ -1431,7 +1446,7 @@ class ASN1 return false; } break; - case ($c & 0x80000000) != 0: + case ($c & (PHP_INT_SIZE == 8 ? 0x80000000 : (1 << 31))) != 0: return false; case $c >= 0x04000000: $v .= chr(0x80 | ($c & 0x3F)); |