MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2024-12-26 23:25:53 -05:00
Code Issues Packages Projects Releases Wiki Activity

Added exception guard in authenticode.js

Browse Source
This commit is contained in:
Ylian Saint-Hilaire 2022-06-01 14:36:00 -07:00
parent 286c34799e
commit 2758af8c11
1 changed files with 23 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
authenticode.js
View File

@ -216,32 +216,33 @@ function createAuthenticodeHandler(path) {
// Get the signing attributes // Get the signing attributes
obj.signingAttribs = []; obj.signingAttribs = [];
for (var i in pkcs7.rawCapture.authenticatedAttributes) { try {
if ( for (var i in pkcs7.rawCapture.authenticatedAttributes) {
(pkcs7.rawCapture.authenticatedAttributes[i].value != null) && if (
(pkcs7.rawCapture.authenticatedAttributes[i].value[0] != null) && (pkcs7.rawCapture.authenticatedAttributes[i].value != null) &&
(pkcs7.rawCapture.authenticatedAttributes[i].value[0].value != null) && (pkcs7.rawCapture.authenticatedAttributes[i].value[0] != null) &&
(pkcs7.rawCapture.authenticatedAttributes[i].value[1] != null) && (pkcs7.rawCapture.authenticatedAttributes[i].value[0].value != null) &&
(pkcs7.rawCapture.authenticatedAttributes[i].value[1].value != null) && (pkcs7.rawCapture.authenticatedAttributes[i].value[1] != null) &&
(forge.asn1.derToOid(pkcs7.rawCapture.authenticatedAttributes[i].value[0].value) == obj.Oids.SPC_SP_OPUS_INFO_OBJID)) (pkcs7.rawCapture.authenticatedAttributes[i].value[1].value != null) &&
{ (forge.asn1.derToOid(pkcs7.rawCapture.authenticatedAttributes[i].value[0].value) == obj.Oids.SPC_SP_OPUS_INFO_OBJID)) {
for (var j in pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value) { for (var j in pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value) {
if ( if (
(pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j] != null) && (pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j] != null) &&
(pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value != null) && (pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value != null) &&
(pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value[0] != null) && (pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value[0] != null) &&
(pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value[0].value != null) (pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value[0].value != null)
) { ) {
var v = pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value[0].value; var v = pkcs7.rawCapture.authenticatedAttributes[i].value[1].value[0].value[j].value[0].value;
if (v.startsWith('http://') || v.startsWith('https://') || ((v.length % 2) == 1)) { obj.signingAttribs.push(v); } else { if (v.startsWith('http://') || v.startsWith('https://') || ((v.length % 2) == 1)) { obj.signingAttribs.push(v); } else {
var r = ""; // This string value is in UCS2 format, convert it to a normal string. var r = ""; // This string value is in UCS2 format, convert it to a normal string.
for (var k = 0; k < v.length; k += 2) { r += String.fromCharCode((v.charCodeAt(k + 8) << 8) + v.charCodeAt(k + 1)); } for (var k = 0; k < v.length; k += 2) { r += String.fromCharCode((v.charCodeAt(k + 8) << 8) + v.charCodeAt(k + 1)); }
obj.signingAttribs.push(r); obj.signingAttribs.push(r);
}
} }
} }
} }
} }
} } catch (ex) { }
// Set the certificate chain // Set the certificate chain
obj.certificates = pkcs7.certificates; obj.certificates = pkcs7.certificates;