From: Eric Leblond Date: Mon, 19 Dec 2011 09:20:50 +0000 (+0100) Subject: tls-handshake: DecodeAsn1BuildValue should return -1 for error X-Git-Tag: suricata-1.3beta1~85 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=480db00fd770991a1a9dbcccfbadb24070f57e69;p=thirdparty%2Fsuricata.git tls-handshake: DecodeAsn1BuildValue should return -1 for error This patch modifies DecodeAsn1BuildValue to have it return -1 when there is a too big number of bytes announced in the ASN.1 message. --- diff --git a/src/util-decode-der.c b/src/util-decode-der.c index 75a1ed3b00..a076263657 100644 --- a/src/util-decode-der.c +++ b/src/util-decode-der.c @@ -291,6 +291,8 @@ static int DecodeAsn1BuildValue(const unsigned char **d_ptr, uint32_t *val, uint SCLogDebug("Invalid ASN.1 num bytes: %d", numbytes); /* too big won't fit: set it to 0xffffffff by convention */ value = 0xffffffff; + *val = value; + return -1; } else { for (i=0; i
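Review bot: in the too-big branch of DecodeAsn1BuildValue, the added `return -1;` only takes effect if the callers check the return value, and this patch has a single two-line hunk in src/util-decode-der.c that touches no call site. Please confirm that every caller treats a negative return as a parse failure before it reads `*val`. The branch still stores 0xffffffff through `*val = value;`, so a caller that ignores the return code receives the largest possible uint32_t as a length, which is the value most likely to wrap in later offset or size arithmetic. The error is also now signalled twice, once by the sentinel and once by the return code. I would either document both in the function's header comment (returns -1 and sets *val to 0xffffffff when numbytes does not fit) or drop the sentinel and leave *val untouched on error, so that there is one way to detect the failure.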