scsi: qla2xxx: Fix mtcp dump collection failure

[sagit-ice-cold/kernel_xiaomi_msm8998.git] / lib / asn1_decoder.c
diff --git a/lib/asn1_decoder.c b/lib/asn1_decoder.c

index 2b3f46c..76d1103 100644 (file)
--- a/lib/asn1_decoder.c
+++ b/lib/asn1_decoder.c
@@ -74,7 +74,7 @@ next_tag:
  
         /* Extract a tag from the data */
         tag = data[dp++];
-       if (tag == 0) {
+       if (tag == ASN1_EOC) {
                 /* It appears to be an EOC. */
                 if (data[dp++] != 0)
                         goto invalid_eoc;
@@ -96,10 +96,8 @@ next_tag:
  
         /* Extract the length */
         len = data[dp++];
-       if (len <= 0x7f) {
-               dp += len;
-               goto next_tag;
-       }
+       if (len <= 0x7f)
+               goto check_length;
  
         if (unlikely(len == ASN1_INDEFINITE_LENGTH)) {
                 /* Indefinite length */
@@ -110,14 +108,18 @@ next_tag:
         }
  
         n = len - 0x80;
-       if (unlikely(n > sizeof(size_t) - 1))
+       if (unlikely(n > sizeof(len) - 1))
                 goto length_too_long;
         if (unlikely(n > datalen - dp))
                 goto data_overrun_error;
-       for (len = 0; n > 0; n--) {
+       len = 0;
+       for (; n > 0; n--) {
                 len <<= 8;
                 len |= data[dp++];
         }
+check_length:
+       if (len > datalen - dp)
+               goto data_overrun_error;
         dp += len;
         goto next_tag;
  
@@ -225,7 +227,7 @@ next_op:
                 hdr = 2;
  
                 /* Extract a tag from the data */
-               if (unlikely(dp >= datalen - 1))
+               if (unlikely(datalen - dp < 2))
                         goto data_overrun_error;
                 tag = data[dp++];
                 if (unlikely((tag & 0x1f) == ASN1_LONG_TAG))
@@ -271,7 +273,7 @@ next_op:
                                 int n = len - 0x80;
                                 if (unlikely(n > 2))
                                         goto length_too_long;
-                               if (unlikely(dp >= datalen - n))
+                               if (unlikely(n > datalen - dp))
                                         goto data_overrun_error;
                                 hdr += n;
                                 for (len = 0; n > 0; n--) {
@@ -281,6 +283,9 @@ next_op:
                                 if (unlikely(len > datalen - dp))
                                         goto data_overrun_error;
                         }
+               } else {
+                       if (unlikely(len > datalen - dp))
+                               goto data_overrun_error;
                 }
  
                 if (flags & FLAG_CONS) {
@@ -307,42 +312,47 @@ next_op:
  
         /* Decide how to handle the operation */
         switch (op) {
-       case ASN1_OP_MATCH_ANY_ACT:
-       case ASN1_OP_MATCH_ANY_ACT_OR_SKIP:
-       case ASN1_OP_COND_MATCH_ANY_ACT:
-       case ASN1_OP_COND_MATCH_ANY_ACT_OR_SKIP:
-               ret = actions[machine[pc + 1]](context, hdr, tag, data + dp, len);
-               if (ret < 0)
-                       return ret;
-               goto skip_data;
-
-       case ASN1_OP_MATCH_ACT:
-       case ASN1_OP_MATCH_ACT_OR_SKIP:
-       case ASN1_OP_COND_MATCH_ACT_OR_SKIP:
-               ret = actions[machine[pc + 2]](context, hdr, tag, data + dp, len);
-               if (ret < 0)
-                       return ret;
-               goto skip_data;
-
         case ASN1_OP_MATCH:
         case ASN1_OP_MATCH_OR_SKIP:
+       case ASN1_OP_MATCH_ACT:
+       case ASN1_OP_MATCH_ACT_OR_SKIP:
         case ASN1_OP_MATCH_ANY:
         case ASN1_OP_MATCH_ANY_OR_SKIP:
+       case ASN1_OP_MATCH_ANY_ACT:
+       case ASN1_OP_MATCH_ANY_ACT_OR_SKIP:
         case ASN1_OP_COND_MATCH_OR_SKIP:
+       case ASN1_OP_COND_MATCH_ACT_OR_SKIP:
         case ASN1_OP_COND_MATCH_ANY:
         case ASN1_OP_COND_MATCH_ANY_OR_SKIP:
-       skip_data:
+       case ASN1_OP_COND_MATCH_ANY_ACT:
+       case ASN1_OP_COND_MATCH_ANY_ACT_OR_SKIP:
+
                 if (!(flags & FLAG_CONS)) {
                         if (flags & FLAG_INDEFINITE_LENGTH) {
+                               size_t tmp = dp;
+
                                 ret = asn1_find_indefinite_length(
-                                       data, datalen, &dp, &len, &errmsg);
+                                       data, datalen, &tmp, &len, &errmsg);
                                 if (ret < 0)
                                         goto error;
-                       } else {
-                               dp += len;
                         }
                         pr_debug("- LEAF: %zu\n", len);
                 }
+
+               if (op & ASN1_OP_MATCH__ACT) {
+                       unsigned char act;
+
+                       if (op & ASN1_OP_MATCH__ANY)
+                               act = machine[pc + 1];
+                       else
+                               act = machine[pc + 2];
+                       ret = actions[act](context, hdr, tag, data + dp, len);
+                       if (ret < 0)
+                               return ret;
+               }
+
+               if (!(flags & FLAG_CONS))
+                       dp += len;
                 pc += asn1_op_lengths[op];
                 goto next_op;
  
@@ -428,6 +438,8 @@ next_op:
                         else
                                 act = machine[pc + 1];
                         ret = actions[act](context, hdr, 0, data + tdp, len);
+                       if (ret < 0)
+                               return ret;
                 }
                 pc += asn1_op_lengths[op];
                 goto next_op;