update parseCertificate() to guarantee version cannot be negative

iljavs · web-flow · commit 88ee12709731 · 2022-08-30T23:43:18.000+02:00
After the call to ReadOptionalASN1Integer() Version can be really large (e.g., 2,147,483,647) when performing the Version++ on line 823. In that case it would then wrap, leading to a negative Version, which will pass the version check on line 824. 

This change adds a check to make sure Version is reasonable prior to the increment, thereby guaranteeing it will not wrap.
diff --git a/src/crypto/x509/parser.go b/src/crypto/x509/parser.go
@@ -815,7 +815,7 @@ func parseCertificate(der []byte) (*Certificate, error) {
 	if !tbs.ReadOptionalASN1Integer(&cert.Version, cryptobyte_asn1.Tag(0).Constructed().ContextSpecific(), 0) {
 		return nil, errors.New("x509: malformed version")
 	}
-	if cert.Version < 0 {
+	if cert.Version < 0 || cert.Version > 3 {
 		return nil, errors.New("x509: malformed version")
 	}
 	// for backwards compat reasons Version is one-indexed,

Original file line number	Diff line number	Diff line change
`@@ -815,7 +815,7 @@ func parseCertificate(der []byte) (*Certificate, error) {`
`815`	`815`	`if !tbs.ReadOptionalASN1Integer(&cert.Version, cryptobyte_asn1.Tag(0).Constructed().ContextSpecific(), 0) {`
`816`	`816`	`return nil, errors.New("x509: malformed version")`
`817`	`817`	`}`
`818`		`- if cert.Version < 0 {`
	`818`	`+ if cert.Version < 0 \|\| cert.Version > 3 {`
`819`	`819`	`return nil, errors.New("x509: malformed version")`
`820`	`820`	`}`
`821`	`821`	`// for backwards compat reasons Version is one-indexed,`