90af4f16c5
Security patches to fix CVE-2013-5018, CVE-2013-6075 and CVE-2013-6076. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
30 lines
710 B
Diff
30 lines
710 B
Diff
From 057265e0183ddf52d56f21adaf0db0f3dc6585a4 Mon Sep 17 00:00:00 2001
|
|
From: Tobias Brunner <tobias@strongswan.org>
|
|
Date: Mon, 29 Jul 2013 23:45:38 +0200
|
|
Subject: [PATCH] asn1: Fix handling of invalid ASN.1 length in is_asn1()
|
|
|
|
Fixes CVE-2013-5018.
|
|
---
|
|
src/libstrongswan/asn1/asn1.c | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
|
|
index 68f37f4..d860ad9 100644
|
|
--- a/src/libstrongswan/asn1/asn1.c
|
|
+++ b/src/libstrongswan/asn1/asn1.c
|
|
@@ -642,6 +642,11 @@ bool is_asn1(chunk_t blob)
|
|
|
|
len = asn1_length(&blob);
|
|
|
|
+ if (len == ASN1_INVALID_LENGTH)
|
|
+ {
|
|
+ return FALSE;
|
|
+ }
|
|
+
|
|
/* exact match */
|
|
if (len == blob.len)
|
|
{
|
|
--
|
|
1.7.10.4
|
|
|