Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1:kernel-2.6.32
strongswan
strongswan-4.x.x_asn1_rdn.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File strongswan-4.x.x_asn1_rdn.patch of Package strongswan
diff -urN strongswan-4.2.15/src/libstrongswan/asn1/asn1.c strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1.c --- strongswan-4.2.15/src/libstrongswan/asn1/asn1.c 2009-05-26 14:15:08.000000000 +0200 +++ strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1.c 2009-06-18 22:12:11.000000000 +0200 @@ -261,6 +261,11 @@ len = 256*len + *blob->ptr++; blob->len--; } + if (len > blob->len) + { + DBG2("length is larger than remaining blob size"); + return ASN1_INVALID_LENGTH; + } return len; } diff -urN strongswan-4.2.15/src/libstrongswan/asn1/asn1_parser.c strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1_parser.c --- strongswan-4.2.15/src/libstrongswan/asn1/asn1_parser.c 2009-05-26 14:15:08.000000000 +0200 +++ strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1_parser.c 2009-06-18 22:12:11.000000000 +0200 @@ -160,7 +160,7 @@ blob1->len = asn1_length(blob); - if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len) + if (blob1->len == ASN1_INVALID_LENGTH) { DBG1("L%d - %s: length of ASN.1 object invalid or too large", level, obj.name); diff -urN strongswan-4.2.15/src/pluto/asn1.c strongswan-4.2.15_asn1_rdn/src/pluto/asn1.c --- strongswan-4.2.15/src/pluto/asn1.c 2009-05-26 14:15:08.000000000 +0200 +++ strongswan-4.2.15_asn1_rdn/src/pluto/asn1.c 2009-06-18 22:19:53.000000000 +0200 @@ -191,6 +191,13 @@ len = 256*len + *blob->ptr++; blob->len--; } + if (len > blob->len) + { + DBG(DBG_PARSING, + DBG_log("length is larger than remaining blob size") + ) + return ASN1_INVALID_LENGTH; + } return len; } @@ -592,7 +599,7 @@ blob1->len = asn1_length(blob); - if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len) + if (blob1->len == ASN1_INVALID_LENGTH) { DBG(DBG_PARSING, DBG_log("L%d - %s: length of ASN.1 object invalid or too large",
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor