File gnutls-CVE-2015-3622.patch of Package gnutls.3982

From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Mon, 20 Apr 2015 14:56:27 +0200
Subject: [PATCH 1/1] _asn1_extract_der_octet: prevent past of boundary access

This version backported to 3.7 branch.

---
 lib/decoding.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

Index: gnutls-3.2.4/lib/minitasn1/decoding.c
===================================================================
--- gnutls-3.2.4.orig/lib/minitasn1/decoding.c	2015-08-03 15:08:47.167115688 +0200
+++ gnutls-3.2.4/lib/minitasn1/decoding.c	2015-08-03 15:10:22.844263539 +0200
@@ -618,6 +618,7 @@ _asn1_extract_der_octet (asn1_node node,
     return ASN1_DER_ERROR;
 
   counter2 = len3 + 1;
+  DECR_LEN(der_len, len3);
 
   if (len2 == -1)
     counter_end = der_len - 2;
@@ -626,6 +627,7 @@ _asn1_extract_der_octet (asn1_node node,
 
   while (counter2 < counter_end)
     {
+      DECR_LEN(der_len, 1);
       len2 = asn1_get_length_der (der + counter2, der_len - counter2, &len3);
 
       if (len2 < -1)

Places

File gnutls-CVE-2015-3622.patch of Package gnutls.3982

Places