From cfb0fdbbb1cc73a349962bddebe53770910334a4 Mon Sep 17 00:00:00 2001
From: Daniel Huigens <d.huigens@protonmail.com>
Date: Mon, 26 Mar 2018 19:02:01 +0200
Subject: [PATCH] Check length tag in DER-encoded OIDs

---
 src/type/oid.js | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/type/oid.js b/src/type/oid.js
index d22fbe19..1422bd66 100644
--- a/src/type/oid.js
+++ b/src/type/oid.js
@@ -47,6 +47,9 @@ function OID(oid) {
              util.isUint8Array(oid)) {
     oid = new Uint8Array(oid);
     if (oid[0] === 0x06) { // DER encoded oid byte array
+      if (oid[1] !== oid.length - 2) {
+        throw new Error('Length mismatch in DER encoded oid');
+      }
       oid = oid.subarray(2);
     }
     this.oid = oid;