net-misc/strongswan/files/strongswan-5.0.2-asn1_unwrap.patch - mirrors/cros/chromiumos/overlays/chromiumos-overlay - Git at Google

 From 4609d5384c187aef2e58f91f53f5889f25faeaeb Mon Sep 17 00:00:00 2001
 From: Tobias Brunner <tobias@strongswan.org>
 Date: Thu, 24 Apr 2014 17:04:10 +0200
 Subject: [PATCH] asn1: Properly check length in asn1_unwrap()

 ---
  src/libstrongswan/asn1/asn1.c |    2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
 index d860ad9..9a5f5c5 100644
 --- a/src/libstrongswan/asn1/asn1.c
 +++ b/src/libstrongswan/asn1/asn1.c
 @@ -296,7 +296,7 @@ int asn1_unwrap(chunk_t *blob, chunk_t *inner)
  	else
  	{	/* composite length, determine number of length octets */
  		len &= 0x7f;
 -		if (len == 0 || len > sizeof(res.len))
 +		if (len == 0 || len > blob->len || len > sizeof(res.len))
  		{
  			return ASN1_INVALID;
  		}
 --
 1.7.10.4
	From 4609d5384c187aef2e58f91f53f5889f25faeaeb Mon Sep 17 00:00:00 2001
	From: Tobias Brunner <tobias@strongswan.org>
	Date: Thu, 24 Apr 2014 17:04:10 +0200
	Subject: [PATCH] asn1: Properly check length in asn1_unwrap()

	---
	src/libstrongswan/asn1/asn1.c \| 2 +-
	1 file changed, 1 insertion(+), 1 deletion(-)

	diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
	index d860ad9..9a5f5c5 100644
	--- a/src/libstrongswan/asn1/asn1.c
	+++ b/src/libstrongswan/asn1/asn1.c
	@@ -296,7 +296,7 @@ int asn1_unwrap(chunk_t blob, chunk_t inner)
	else
	{ /* composite length, determine number of length octets */
	len &= 0x7f;
	- if (len == 0 \|\| len > sizeof(res.len))
	+ if (len == 0 \|\| len > blob->len \|\| len > sizeof(res.len))
	{
	return ASN1_INVALID;
	}
	--
	1.7.10.4