From: Amos Jeffries <amosjeffries@squid-cache.org>
Date: Thu, 19 Jun 2008 05:37:04 +0000 (-0600)
Subject: Author: Henrik Nordstrom <henrik@henriknordstrom.net>
X-Git-Tag: SQUID_3_0_STABLE7~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bc792d852d1a7ce821610770584647a488c9c6bc;p=thirdparty%2Fsquid.git

Author: Henrik Nordstrom <henrik@henriknordstrom.net>
Reject ridiculously large ASN.1 lengths
---

diff --git a/snmplib/asn1.c b/snmplib/asn1.c
index 5ad7d7515b..e0dde7fb78 100644
--- a/snmplib/asn1.c
+++ b/snmplib/asn1.c
@@ -484,7 +484,7 @@ asn_parse_header(u_char * data, int *datalength, u_char * type)
 	return (NULL);
 
     header_len = bufp - data;
-    if (header_len + asn_length > *datalength) {
+    if (header_len + asn_length > *datalength || asn_length > (u_int)(2 << 18) ) {
 	snmp_set_api_error(SNMPERR_ASN_DECODE);
 	return (NULL);
     }