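What did you do?
```go
package main

import "github.com/veraison/go-cose"

func main() {
	// Fuzzer-found input: the last array element (the signature) begins with
	// 0xcb, a CBOR tag head (major type 6), instead of a byte string head.
	b := []byte("҄C\xa100\xa100T00000000000000000000\xcbA0000000000")
	var msg cose.Sign1Message
	err := msg.UnmarshalCBOR(b)
	if err == nil {
		panic("error expected!")
	}
}
```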
What did you expect to see?
UnmarshalCBOR returns an error due to malformed COSE_Sign1 message
What did you see instead?
UnmarshalCBOR does not return an error.
Notice that the []byte("҄C\xa100\xa100T00000000000000000000\xcbA0000000000") input has an invalid Signature type. It is a semantic tag, major type 6, when it must be a byte string, major type 2, as per RFC 8152, Section 4.2.
Found via fuzzing.
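The element-type check this report expects, as an added example (not part of the original report and not go-cose's own code), using only the standard library. The names `item` and `checkSign1` are hypothetical, the sample bytes in `main` are constructed, and it assumes the tagged form (tag 18) with shortest-form tag and array heads.

```go
package main

import "fmt"

// item consumes one definite-length CBOR item; depth bounds recursion on hostile input.
func item(b []byte, depth int) (major byte, rest []byte, err error) {
	if len(b) == 0 || b[0]&0x1f >= 28 || depth == 0 {
		return 0, nil, fmt.Errorf("truncated, indefinite-length or nested too deeply")
	}
	major, arg, n := b[0]>>5, uint64(b[0]&0x1f), 0
	if arg >= 24 { // argument follows in 1, 2, 4 or 8 big-endian bytes
		n, arg = 1<<(arg-24), 0
	}
	if len(b) < 1+n {
		return 0, nil, fmt.Errorf("truncated head")
	}
	for _, c := range b[1 : 1+n] {
		arg = arg<<8 | uint64(c)
	}
	if rest = b[1+n:]; major >= 2 && major <= 5 && arg > uint64(len(rest)) {
		return 0, nil, fmt.Errorf("declared length exceeds input")
	}
	if major == 2 || major == 3 { // byte or text string: skip arg content bytes
		return major, rest[arg:], nil
	}
	// array: arg items; map: 2*arg items; tag: one item; other types: none
	for k := map[byte]uint64{4: arg, 5: 2 * arg, 6: 1}[major]; k > 0 && err == nil; k-- {
		_, rest, err = item(rest, depth-1)
	}
	return major, rest, err
}

// checkSign1 enforces RFC 8152 Section 4.2: [bstr, map, bstr / nil, bstr].
func checkSign1(b []byte) error {
	_, rest, err := item(b, 10) // the whole message must be one well-formed item
	if err != nil || len(rest) != 0 || len(b) < 2 || b[0] != 0xd2 || b[1] != 0x84 {
		return fmt.Errorf("want exactly one tag-18 array of 4 items (parse error: %v)", err)
	}
	b = b[2:]
	for i, want := range []byte{2, 5, 2, 2} {
		m, next, _ := item(b, 8) // cannot fail: the same call already succeeded above
		if m != want && !(i == 2 && b[0] == 0xf6) { // 0xf6 is nil, allowed for payload
			return fmt.Errorf("element %d: major type %d, want %d", i, m, want)
		}
		b = next
	}
	return nil
}

func main() { fmt.Println(checkSign1([]byte("\xd2\x84\x40\xa0\xf6\xcb\x41\x30"))) } // constructed sample
```

Running the type check before any signature verification means a tag-wrapped or otherwise mistyped signature field is rejected at parse time rather than being handed on as signature bytes.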