avoid classcastexception in cms signerinfo decode via getinstance #2342

Open
rootvector2 wants to merge 1 commit into bcgit:main from rootvector2:cms-signerinfo-getinstance
@rootvector2

Contributor

SignerInfo's decode constructor cast the version and trailing unsignedAttrs elements instead of using getInstance, so a malformed-but-parseable CMS message leaks a ClassCastException past CMSSignedData.verifySignatures()'s throws CMSException contract when getSignerInfos() / getCounterSignatures() enumerate the signers outside the getSignedData() cast guard; found while checking siblings of the recent asn1.cms.Attribute type-check, fixed by decoding via ASN1Integer.getInstance / ASN1TaggedObject.getInstance to match the already-hardened asn1.pkcs.SignerInfo.
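
The difference between the two decode styles described in the comment above, as an added example that is not part of the pull request or of BouncyCastle's source. The class `VersionDecodeDemo`, its methods and the input sequence are hypothetical and constructed for illustration; only the `org.bouncycastle.asn1` calls are real library API. On the constructed input the blind cast fails with `ClassCastException`, while `ASN1Integer.getInstance` performs the type check itself and fails with `IllegalArgumentException`.

```java
import java.util.function.Function;

import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;

// Hypothetical demo class; this is not BouncyCastle's SignerInfo.
public class VersionDecodeDemo {

    // "Before" pattern: a blind cast trusts the element type of parsed input.
    static ASN1Integer versionByCast(ASN1Sequence seq) {
        return (ASN1Integer) seq.getObjectAt(0);
    }

    // "After" pattern: getInstance checks the element type before returning it.
    static ASN1Integer versionByGetInstance(ASN1Sequence seq) {
        return ASN1Integer.getInstance(seq.getObjectAt(0));
    }

    // Runs a decoder and reports "ok" or the simple name of the exception thrown.
    static String outcome(Function<ASN1Sequence, ASN1Integer> decoder, ASN1Sequence seq) {
        try {
            decoder.apply(seq);
            return "ok";
        } catch (RuntimeException e) {
            return e.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: an OCTET STRING sits where the version INTEGER belongs.
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new DEROctetString(new byte[] { 0x01 }));

        // Round-trip through DER so the objects are the ones a parser hands back.
        ASN1Sequence malformed = ASN1Sequence.getInstance(new DERSequence(v).getEncoded());

        System.out.println("cast:        " + outcome(VersionDecodeDemo::versionByCast, malformed));
        System.out.println("getInstance: " + outcome(VersionDecodeDemo::versionByGetInstance, malformed));
    }
}
```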
