aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-02-09 07:29:49 -0500
committerJack Lloyd <[email protected]>2016-02-09 07:29:49 -0500
commit7c57af4436e765be9fc3fea37c35d452b0ecb3c9 (patch)
tree49b174900a3ee9a3cc889dcd4ca1e64dd23b8938 /src/lib
parent86dd5511d873846f57b235531dda428b9498cf6a (diff)
Add asserts to help out Coverity
It somehow deduces an input that is both > 0 and for which high_bit never finds a bit set and returns 0. In both cases that would lead to block being 0 and a negative shift.
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/asn1/asn1_oid.cpp2
-rw-r--r--src/lib/asn1/der_enc.cpp2
2 files changed, 4 insertions, 0 deletions
diff --git a/src/lib/asn1/asn1_oid.cpp b/src/lib/asn1/asn1_oid.cpp
index 67af91afc..5b0a557d2 100644
--- a/src/lib/asn1/asn1_oid.cpp
+++ b/src/lib/asn1/asn1_oid.cpp
@@ -141,6 +141,8 @@ void OID::encode_into(DER_Encoder& der) const
size_t blocks = high_bit(m_id[i]) + 6;
blocks = (blocks - (blocks % 7)) / 7;
+ BOTAN_ASSERT(blocks > 0, "Math works");
+
for(size_t j = 0; j != blocks - 1; ++j)
encoding.push_back(0x80 | ((m_id[i] >> 7*(blocks-j-1)) & 0x7F));
encoding.push_back(m_id[i] & 0x7F);
diff --git a/src/lib/asn1/der_enc.cpp b/src/lib/asn1/der_enc.cpp
index 871171153..c5c2b4803 100644
--- a/src/lib/asn1/der_enc.cpp
+++ b/src/lib/asn1/der_enc.cpp
@@ -34,6 +34,8 @@ secure_vector<byte> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag)
size_t blocks = high_bit(type_tag) + 6;
blocks = (blocks - (blocks % 7)) / 7;
+ BOTAN_ASSERT(blocks > 0, "Math works");
+
encoded_tag.push_back(class_tag | 0x1F);
for(size_t i = 0; i != blocks - 1; ++i)
encoded_tag.push_back(0x80 | ((type_tag >> 7*(blocks-i-1)) & 0x7F));