From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Fri, 14 Feb 2014 14:06:57 +0000 (+0100)
Subject: Fixed a minor vulnerability in which a malformed ASN.1 length field could cause a... 
X-Git-Tag: 5.1.2rc1^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1f9e4d029eb13db90644525ef366ae858ea15cdf;p=thirdparty%2Fstrongswan.git

Fixed a minor vulnerability in which a malformed ASN.1 length field could cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.
---

diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c
index c31fb75f0b..e7b7a428d9 100644
--- a/src/libstrongswan/asn1/asn1_parser.c
+++ b/src/libstrongswan/asn1/asn1_parser.c
@@ -160,6 +160,7 @@ METHOD(asn1_parser_t, iterate, bool,
 		DBG1(DBG_ASN, "L%d - %s:  length of ASN.1 object invalid or too large",
 					level, obj.name);
 		this->success = FALSE;
+		goto end;
 	}
 
 	blob1->ptr = blob->ptr;