6 роки тому · 7388f621b8
--- a/vendor/golang.org/x/crypto/cryptobyte/asn1.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/asn1.go
@@ -470,7 +470,8 @@ func (s *String) ReadASN1GeneralizedTime(out *time.Time) bool {
 
				 // It reports whether the read was successful.
			
 
				 func (s *String) ReadASN1BitString(out *encoding_asn1.BitString) bool {
			
 
				 	var bytes String
			
 
				-	if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 {
			
 
				+	if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 ||
			
 
				+		len(bytes)*8/8 != len(bytes) {
			
 
				 		return false
			
 
				 	}
			
 
				 
			
@@ -740,7 +741,7 @@ func (s *String) readASN1(out *String, outTag *asn1.Tag, skipHeader bool) bool {
 
				 		length = headerLen + len32
			
 
				 	}
			
 
				 
			
 
				-	if uint32(int(length)) != length || !s.ReadBytes((*[]byte)(out), int(length)) {
			
 
				+	if int(length) < 0 || !s.ReadBytes((*[]byte)(out), int(length)) {
			
 
				 		return false
			
 
				 	}
			
 
				 	if skipHeader && !out.Skip(int(headerLen)) {
			
--- a/vendor/golang.org/x/crypto/cryptobyte/string.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/string.go
@@ -24,7 +24,7 @@ type String []byte
 
				 // read advances a String by n bytes and returns them. If less than n bytes
			
 
				 // remain, it returns nil.
			
 
				 func (s *String) read(n int) []byte {
			
 
				-	if len(*s) < n {
			
 
				+	if len(*s) < n || n < 0 {
			
 
				 		return nil
			
 
				 	}
			
 
				 	v := (*s)[:n]
			
@@ -105,11 +105,6 @@ func (s *String) readLengthPrefixed(lenLen int, outChild *String) bool {
 
				 		length = length << 8
			
 
				 		length = length | uint32(b)
			
 
				 	}
			
 
				-	if int(length) < 0 {
			
 
				-		// This currently cannot overflow because we read uint24 at most, but check
			
 
				-		// anyway in case that changes in the future.
			
 
				-		return false
			
 
				-	}
			
 
				 	v := s.read(int(length))
			
 
				 	if v == nil {
			
 
				 		return false
			
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -604,10 +604,10 @@
 
				 			"revisionTime": "2019-02-05T21:23:42Z"
			
 
				 		},
			
 
				 		{
			
 
				-			"checksumSHA1": "1ezNasqd516o9HG59beqc5s+2Ro=",
			
 
				+			"checksumSHA1": "doZpjkzTAPKKLXeKMJZfIL0T5Nw=",
			
 
				 			"path": "golang.org/x/crypto/cryptobyte",
			
 
				-			"revision": "a1f597ede03a7bef967a422b5b3a5bd08805a01e",
			
 
				-			"revisionTime": "2019-02-05T21:23:42Z"
			
 
				+			"revision": "1d94cc7ab1c630336ab82ccb9c9cda72a875c382",
			
 
				+			"revisionTime": "2020-02-12T18:29:22Z"
			
 
				 		},
			
 
				 		{
			
 
				 			"checksumSHA1": "YEoV2AiZZPDuF7pMVzDt7buS9gc=",