From: terrafrost <terrafrost@gmail.com>
Date: Fri, 2 Apr 2021 10:43:15 -0500
Subject: ASN1: don't allow last octet in OID to have MSB set

Origin: upstream, https://github.com/phpseclib/phpseclib/commit/6ddc6c0c533b535d67bebcd0b8b1fa4f236f0340
Bug: https://github.com/phpseclib/phpseclib/pull/1635
---
 phpseclib/File/ASN1.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/phpseclib/File/ASN1.php b/phpseclib/File/ASN1.php
index 807ca88..e374a56 100644
--- a/phpseclib/File/ASN1.php
+++ b/phpseclib/File/ASN1.php
@@ -435,6 +435,9 @@ class ASN1
                 break;
             case self::TYPE_OBJECT_IDENTIFIER:
                 $current['content'] = $this->_decodeOID(substr($content, $content_pos));
+                if ($current['content'] === false) {
+                    return false;
+                }
                 break;
             /* Each character string type shall be encoded as if it had been declared:
                [UNIVERSAL x] IMPLICIT OCTET STRING
@@ -1127,6 +1130,11 @@ class ASN1
         $oid = array();
         $pos = 0;
         $len = strlen($content);
+
+        if (ord($content[$len - 1]) & 0x80) {
+            return false;
+        }
+
         $n = new BigInteger();
         while ($pos < $len) {
             $temp = ord($content[$pos++]);