From 21f2eacb456c933df98a59a78143dfd1a05bb951 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Sat, 14 Nov 2015 17:29:37 +0700
Subject: Check there is no trailing data in Asn1Object.FromByteArray
---
 crypto/src/asn1/Asn1Object.cs | 13 +++++++++----
 crypto/src/crypto/tls/TlsUtilities.cs | 5 +++--
 2 files changed, 12 insertions(+), 6 deletions(-)
(limited to 'crypto/src')
diff --git a/crypto/src/asn1/Asn1Object.cs b/crypto/src/asn1/Asn1Object.cs
index 08bd599c1..a86fdbb4a 100644
--- a/crypto/src/asn1/Asn1Object.cs
+++ b/crypto/src/asn1/Asn1Object.cs
@@ -13,13 +13,18 @@ namespace Org.BouncyCastle.Asn1
 public static Asn1Object FromByteArray(
 byte[] data)
 {
- try
+ try
 {
- return new Asn1InputStream(data).ReadObject();
+ MemoryStream input = new MemoryStream(data, false);
+ Asn1InputStream asn1 = new Asn1InputStream(input, data.Length);
+ Asn1Object result = asn1.ReadObject();
+ if (input.Position != input.Length)
+ throw new IOException("extra data found after object");
+ return result;
 }
 catch (InvalidCastException)
 {
- throw new IOException("cannot recognise object in stream");
+ throw new IOException("cannot recognise object in byte array");
 }
 }
@@ -36,7 +41,7 @@ namespace Org.BouncyCastle.Asn1
 }
 catch (InvalidCastException)
 {
- throw new IOException("cannot recognise object in stream");
+ throw new IOException("cannot recognise object in stream");
 }
 }
diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs
index a8c8a2b28..26fb0d5e8 100644
--- a/crypto/src/crypto/tls/TlsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsUtilities.cs
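Review bot: In Asn1Object.FromByteArray the new position check does not cover an empty `data` array: `Position` and `Length` are both 0, so whatever `ReadObject()` yields for no input is returned unchecked. TlsUtilities.ReadAsn1Object in this same commit treats a null result as a decode error, which suggests `ReadObject()` can return null at end of input; if so, add `if (result == null) throw new IOException("no object found in byte array");` before the position check, or document the null return. No doc comment for the method is visible in the hunk; a `/// <exception cref="IOException">` line stating that bytes after the first object are now rejected would tell callers who pass padded or concatenated encodings why they start failing.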
@@ -529,11 +529,12 @@ namespace Org.BouncyCastle.Crypto.Tls
 public static Asn1Object ReadAsn1Object(byte[] encoding)
 {
- Asn1InputStream asn1 = new Asn1InputStream(encoding);
+ MemoryStream input = new MemoryStream(encoding, false);
+ Asn1InputStream asn1 = new Asn1InputStream(input, encoding.Length);
 Asn1Object result = asn1.ReadObject();
 if (null == result)
 throw new TlsFatalAlert(AlertDescription.decode_error);
- if (null != asn1.ReadObject())
+ if (input.Position != input.Length)
 throw new TlsFatalAlert(AlertDescription.decode_error);
 return result;
 }
-- 
cgit 1.5.1
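Review bot: ReadAsn1Object lets an `InvalidCastException` from `asn1.ReadObject()` escape on what are presumably peer-supplied bytes, while Asn1Object.FromByteArray in this commit catches that exception around the same call. If callers expect every malformed encoding to surface as a `decode_error` alert, wrap the read and add `catch (InvalidCastException) { throw new TlsFatalAlert(AlertDescription.decode_error); }`; whether parser exceptions are already mapped further up the call chain is not visible here. The two guards could also be merged into `if (null == result || input.Position != input.Length)`, with a one-line comment that the encoding must hold exactly one object and no trailing bytes.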