rpki-client: check whether all data in eContent has been consumed
On Mon, Feb 05, 2024 at 07:08:48PM +0000, Job Snijders wrote:
> It is possible that a given ASN.1 template generated d2i_*() function
> didn't consume all data, so there is a potential for malleability?

Yes. The econtent is a sequence (which means it could be the
concatenation of several DER "blobs"). We would only deserialize the
first one and not even notice blobs following it.

> The solution is to have the callers check whether everything was
> consumed: if not, error out.
>
> We already do this for CMS/CRL/X509, this diff extends the pattern to
> eContent handling.

ok tb
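The caller-side check discussed in this thread, as an added example that is not part of the original mail or of rpki-client's code: a minimal self-contained DER reader stands in for a generated d2i_*() function. The names `decode_first` and `decode_all` are hypothetical and the sample bytes are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed samples: SEQUENCE { INTEGER 5 }, then the same plus a second blob. */
static const unsigned char one_blob[] = { 0x30, 0x03, 0x02, 0x01, 0x05 };
static const unsigned char two_blobs[] = { 0x30, 0x03, 0x02, 0x01, 0x05,
					   0x30, 0x03, 0x02, 0x01, 0x06 };

/* Hypothetical stand-in for a d2i-style decoder: reads the first DER element
 * only and reports how many bytes it used. Returns 0 on malformed input. */
static int
decode_first(const unsigned char *der, size_t len, size_t *used)
{
	size_t clen = 0, hdr = 2, n, i;

	if (len < 2 || (der[0] & 0x1f) == 0x1f)	/* multi-byte tags unsupported */
		return 0;
	if (der[1] < 0x80) {
		clen = der[1];			/* short-form length */
	} else {
		n = der[1] & 0x7f;		/* long form: n length octets */
		if (n == 0 || n > sizeof(size_t) || len < 2 + n)
			return 0;
		if (der[2] == 0 || (n == 1 && der[2] < 0x80))
			return 0;		/* DER wants the minimal length */
		for (i = 0; i < n; i++)
			clen = (clen << 8) | der[2 + i];
		hdr += n;
	}
	if (clen > len - hdr)
		return 0;			/* content truncated */
	*used = hdr + clen;
	return 1;
}

/* Caller-side check: accept only if the decoder consumed every byte. */
static int
decode_all(const unsigned char *der, size_t len)
{
	size_t used;

	return decode_first(der, len, &used) && used == len;
}

int main(void)
{
	printf("one blob:  strict=%d\n", decode_all(one_blob, sizeof(one_blob)));
	printf("two blobs: strict=%d\n", decode_all(two_blobs, sizeof(two_blobs)));
	return 0;
}
```

With the two-blob input, `decode_first` succeeds after 5 of 10 bytes, which is the unnoticed trailing data the thread describes; `decode_all` rejects it.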