I found this bug in MIT code. If you have the same code, you should 
fix it. This breaks any tag bigger than 30.

Zhihong

> 
> Found a bug in the DER decoder of KRB5-1.28.
> 
> This loop in asn1_get.c is wrong,
> 
>     do{
>       retval = asn1buf_remove_octet(buf,&o);
>       if(retval) return retval;
>       tn = (tn<<7) + (asn1_tagnum)(o&0x7F);
>     }while(tn&0x80);
> 
> It should be "while(o&0x80)".
> 
> The effect is that it can't decode any tags bigger than 30.
> 
> Zhihong
>