]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
projects / thirdparty / squid.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ce1206d)
Reject ridiculously large ASN.1 lengths
authorHenrik Nordstrom <henrik@henriknordstrom.net>
Wed, 18 Jun 2008 18:57:54 +0000 (20:57 +0200)
committerHenrik Nordstrom <henrik@henriknordstrom.net>
Wed, 18 Jun 2008 18:57:54 +0000 (20:57 +0200)
------------- This line and the following will be ignored --------------

modified:
  snmplib/asn1.c

snmplib/asn1.c patch | blob | blame | history

diff --git a/snmplib/asn1.c b/snmplib/asn1.c
index 5ad7d7515b94c67c224f1564d842e36323c1209f..e0dde7fb78b3adf556cea8ffeec41243bae53f6f 100644 (file)
--- a/snmplib/asn1.c
+++ b/snmplib/asn1.c
@@ -484,7 +484,7 @@ asn_parse_header(u_char * data, int *datalength, u_char * type)
        return (NULL);
 
     header_len = bufp - data;
-    if (header_len + asn_length > *datalength) {
+    if (header_len + asn_length > *datalength || asn_length > (u_int)(2 << 18) ) {
        snmp_set_api_error(SNMPERR_ASN_DECODE);
        return (NULL);
     }
Mirror of https://github.com/squid-cache/squid.git