golang/go

encoding/asn1: index out of range

dvyukov opened this issue · 1 comments

The following program crashes with the panic:

```go
package main

import "encoding/asn1"

func main() {
    asn1.Unmarshal([]byte("0\b\x02\x010@\x010\xa00"), new(X))
}

type X struct {
    A  int
    A1 int `asn1:"application"`
    A2 int `asn1:"optional"`
    A3 int `asn1:"optional,default:123"`
    A4 int `asn1:"explicit"`
    A5 int `asn1:"tag:0"`
}
```

```
panic: runtime error: index out of range

goroutine 1 [running]:
encoding/asn1.parseTagAndLength(0xc20800a472, 0x8, 0xe, 0x8, 0x2, 0x0, 0x0, 0x1, 0x8, 0x0, ...)
    src/encoding/asn1/asn1.go:393 +0x43d
encoding/asn1.parseField(0x4e95a0, 0xc208016410, 0xc2, 0xc20800a472, 0x8, 0xe, 0x6, 0x100, 0x0, 0xc20800a550, ...)
    src/encoding/asn1/asn1.go:617 +0x1329
encoding/asn1.parseField(0x5223e0, 0xc2080163f0, 0xd9, 0xc20800a470, 0xa, 0x10, 0x0, 0x0, 0x0, 0x0, ...)
    src/encoding/asn1/asn1.go:781 +0x3238
encoding/asn1.UnmarshalWithParams(0xc20800a470, 0xa, 0x10, 0x4dd000, 0xc2080163f0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
    src/encoding/asn1/asn1.go:920 +0x16e
encoding/asn1.Unmarshal(0xc20800a470, 0xa, 0x10, 0x4dd000, 0xc2080163f0, 0x0, 0x0, 0x0, 0x0, 0x0)
    src/encoding/asn1/asn1.go:913 +0x8f
main.main()
    asn1.go:6 +0x96
```

on commit b0532a9

agl commented

Kyle Isom also found this (and also with go-fuzz I suspect). I created #11154 for that.
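
A regression check for this report, as an added example that is not part of the issue thread or the Go project's own tests: it replays the reported input, each truncation of it and each single-byte variant against `asn1.Unmarshal`, and records any input that panics instead of returning an error. `safeUnmarshal` and `sweep` are hypothetical helper names introduced here.

```go
package main

import (
	"encoding/asn1"
	"fmt"
)

// X and crasher are the struct and the 10-byte input from the report.
type X struct {
	A  int
	A1 int `asn1:"application"`
	A2 int `asn1:"optional"`
	A3 int `asn1:"optional,default:123"`
	A4 int `asn1:"explicit"`
	A5 int `asn1:"tag:0"`
}

var crasher = []byte("0\b\x02\x010@\x010\xa00")

// safeUnmarshal (added helper) returns a decoder panic as a value.
func safeUnmarshal(data []byte) (panicVal interface{}, err error) {
	defer func() { panicVal = recover() }()
	_, err = asn1.Unmarshal(data, new(X))
	return nil, err
}

// sweep (added helper) replays truncations and single-byte variants of seed.
func sweep(seed []byte) (panics [][]byte, tried int) {
	try := func(in []byte) {
		tried++
		if p, _ := safeUnmarshal(in); p != nil {
			panics = append(panics, append([]byte(nil), in...))
		}
	}
	buf := append([]byte(nil), seed...)
	for i, orig := range seed {
		try(seed[:i]) // truncated to i bytes
		for v := 0; v < 256; v++ {
			buf[i] = byte(v) // v == orig replays the unmodified seed
			try(buf)
		}
		buf[i] = orig
	}
	return panics, tried
}

func main() {
	panics, tried := sweep(crasher)
	fmt.Printf("%d inputs tried, %d panics\n", tried, len(panics))
}
```

On a toolchain that still has the bug, `sweep` returns the offending inputs, which can be saved as seed corpus entries for a fuzzer.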