cryptobyte: fix parsing of large ASN.1 OIDs

Fixes golang/go#49678

Change-Id: If8a40e25edd810a66165ab78dd68d9b7fc2699f8
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/365674
Reviewed-by: Filippo Valsorda <[email protected]>
Run-TryBot: Filippo Valsorda <[email protected]>
Trust: Alex Rakoczy <[email protected]>
Trust: Bryan Mills <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>

Author: umlublin

cryptobyte/asn1.go

@@ -407,7 +407,12 @@ func (s *String) ReadASN1Enum(out *int) bool {
 func (s *String) readBase128Int(out *int) bool {
 	ret := 0
 	for i := 0; len(*s) > 0; i++ {
-		if i == 4 {
+		if i == 5 {
+			return false
+		}
+		// Avoid overflowing int on a 32-bit platform.
+		// We don't want different behavior based on the architecture.
+		if ret >= 1<<(31-7) {
 			return false
 		}
 		ret <<= 7

cryptobyte/asn1_test.go

@@ -247,6 +247,9 @@ func TestASN1ObjectIdentifier(t *testing.T) {
 		{[]byte{6, 4, 85, 0x02, 0xc0, 0x00}, true, []int{2, 5, 2, 0x2000}},
 		{[]byte{6, 3, 0x81, 0x34, 0x03}, true, []int{2, 100, 3}},
 		{[]byte{6, 7, 85, 0x02, 0xc0, 0x80, 0x80, 0x80, 0x80}, false, []int{}},
+		{[]byte{6, 7, 85, 0x02, 0x85, 0xc7, 0xcc, 0xfb, 0x01}, true, []int{2, 5, 2, 1492336001}},
+		{[]byte{6, 7, 0x55, 0x02, 0x87, 0xff, 0xff, 0xff, 0x7f}, true, []int{2, 5, 2, 2147483647}}, // 2**31-1
+		{[]byte{6, 7, 0x55, 0x02, 0x88, 0x80, 0x80, 0x80, 0x00}, false, []int{}},                   // 2**31
 	}
 
 	for i, test := range testData {