From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Thu, 31 Mar 2016 12:28:24 +0000 (+0200)
Subject: util-decode-der: fix heap-buffer-overflow
X-Git-Tag: suricata-3.0.1~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c0dd91159103e0be75cb53b2562acad992171ded;p=thirdparty%2Fsuricata.git

util-decode-der: fix heap-buffer-overflow
---

diff --git a/src/util-decode-der.c b/src/util-decode-der.c
index 05c4671ad8..67e7b0dda9 100644
--- a/src/util-decode-der.c
+++ b/src/util-decode-der.c
@@ -742,6 +742,9 @@ Asn1Generic * DecodeDer(const unsigned char *buffer, uint32_t size, uint32_t *er
     Asn1Generic *cert;
     uint8_t c;
 
+    if (size < 2)
+        return NULL;
+
     /* Check that buffer is an ASN.1 structure (basic checks) */
     if (d_ptr[0] != 0x30 && d_ptr[1] != 0x82) /* Sequence */
         return NULL;