Permalink
Browse files

ticket: 2687

pullup to 1.2.x from trunk.


git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-2-2-branch@16707 dc483132-0cff-0310-8789-dd5450dbe970
  • Loading branch information...
tlyu
tlyu committed Aug 31, 2004
1 parent 4c0b38c commit a54b2c431ec5bbf2ac6f0eab792944f0f4a9e253
Showing with 4 additions and 0 deletions.
  1. +2 −0 src/lib/krb5/asn.1/ChangeLog
  2. +2 −0 src/lib/krb5/asn.1/asn1buf.c
@@ -1,5 +1,7 @@
2004-08-31 Tom Yu <tlyu@mit.edu>
+ * asn1buf.c: Fix denial-of-service bug.
+
* asn1buf.c:
* krb5_decode.c: Fix double-free vulnerabilities.
@@ -140,6 +140,8 @@ asn1_error_code asn1buf_skiptail(buf, length, indef)
return ASN1_OVERRUN;
}
while (nestlevel > 0) {
+ if (buf->bound - buf->next + 1 <= 0)
+ return ASN1_OVERRUN;
retval = asn1_get_tag_indef(buf, &class, &construction, &tagnum,
&taglen, &tagindef);
if (retval) return retval;

0 comments on commit a54b2c4

Please sign in to comment.