Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

ticket: 2687

pullup to 1.2.x from trunk.


git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-2-2-branch@16707 dc483132-0cff-0310-8789-dd5450dbe970
  • Loading branch information...
commit a54b2c431ec5bbf2ac6f0eab792944f0f4a9e253 1 parent 4c0b38c
tlyu authored
Showing with 4 additions and 0 deletions.
  1. +2 −0  src/lib/krb5/asn.1/ChangeLog
  2. +2 −0  src/lib/krb5/asn.1/asn1buf.c
View
2  src/lib/krb5/asn.1/ChangeLog
@@ -1,5 +1,7 @@
2004-08-31 Tom Yu <tlyu@mit.edu>
+ * asn1buf.c: Fix denial-of-service bug.
+
* asn1buf.c:
* krb5_decode.c: Fix double-free vulnerabilities.
View
2  src/lib/krb5/asn.1/asn1buf.c
@@ -140,6 +140,8 @@ asn1_error_code asn1buf_skiptail(buf, length, indef)
return ASN1_OVERRUN;
}
while (nestlevel > 0) {
+ if (buf->bound - buf->next + 1 <= 0)
+ return ASN1_OVERRUN;
retval = asn1_get_tag_indef(buf, &class, &construction, &tagnum,
&taglen, &tagindef);
if (retval) return retval;
Please sign in to comment.
Something went wrong with that request. Please try again.