From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Wed, 18 Jun 2008 18:57:54 +0000 (+0200)
Subject: Reject ridiculously large ASN.1 lengths
X-Git-Tag: SQUID_3_1_0_1~49^2~200
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a8c0880f41c4b8c058be476afe84f69176b9cf55;p=thirdparty%2Fsquid.git

Reject ridiculously large ASN.1 lengths
------------- This line and the following will be ignored --------------

modified:
  snmplib/asn1.c
---

diff --git a/snmplib/asn1.c b/snmplib/asn1.c
index 5ad7d7515b..e0dde7fb78 100644
--- a/snmplib/asn1.c
+++ b/snmplib/asn1.c
@@ -484,7 +484,7 @@ asn_parse_header(u_char * data, int *datalength, u_char * type)
 	return (NULL);
 
     header_len = bufp - data;
-    if (header_len + asn_length > *datalength) {
+    if (header_len + asn_length > *datalength || asn_length > (u_int)(2 << 18) ) {
 	snmp_set_api_error(SNMPERR_ASN_DECODE);
 	return (NULL);
     }