diff options
| author | Nick Bastin <nick.bastin@gmail.com> | 2015-12-17 05:28:49 -0800 |
|---|---|---|
| committer | Nick Bastin <nick.bastin@gmail.com> | 2015-12-17 05:28:49 -0800 |
| commit | f9c30b39f28f25c7da462fe16d989c2050dee2a7 (patch) | |
| tree | df6a81c67c74cd4916a6279fc8dbad08d1bc63e0 | |
| parent | 6721fb8dd70a2d392aa70b67b35e3c6efa34230b (diff) | |
| download | cryptography-f9c30b39f28f25c7da462fe16d989c2050dee2a7.tar.gz cryptography-f9c30b39f28f25c7da462fe16d989c2050dee2a7.tar.bz2 cryptography-f9c30b39f28f25c7da462fe16d989c2050dee2a7.zip | |
Avoid IndexError on too-short OIDs, add test for regression
| -rw-r--r-- | src/cryptography/x509/oid.py | 5 | ||||
| -rw-r--r-- | tests/test_x509.py | 4 |
2 files changed, 9 insertions, 0 deletions
diff --git a/src/cryptography/x509/oid.py b/src/cryptography/x509/oid.py index ba77a8b8..f5dc2f81 100644 --- a/src/cryptography/x509/oid.py +++ b/src/cryptography/x509/oid.py @@ -26,6 +26,11 @@ class ObjectIdentifier(object): "Malformed OID: %s (non-integer nodes)" % ( self._dotted_string)) + if len(nodes) < 2: + raise ValueError( + "Malformed OID: %s (insufficient number of nodes)" % ( + self._dotted_string) + if intnodes[0] > 2: raise ValueError( "Malformed OID: %s (first node outside valid range)" % ( diff --git a/tests/test_x509.py b/tests/test_x509.py index 164aff37..ccdff7c4 100644 --- a/tests/test_x509.py +++ b/tests/test_x509.py @@ -3251,6 +3251,10 @@ class TestObjectIdentifier(object): oid = x509.ObjectIdentifier("2.999.1") assert oid._name == 'Unknown OID' + def test_too_short(self): + with pytest.raises(ValueError): + x509.ObjectIdentifier("1") + def test_invalid_input(self): with pytest.raises(ValueError): x509.ObjectIdentifier("notavalidform") |