From: Adrian-Ken Rueegsegger <ken@codelabs.ch>
Date: Mon, 12 Nov 2012 11:08:32 +0000 (+0100)
Subject: Check that chunk fits into sequence when converting
X-Git-Tag: 5.0.3rc1~39^2~29
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2371b728c645e93823a82b2ffc1b587e1b2b32f;p=thirdparty%2Fstrongswan.git

Check that chunk fits into sequence when converting
---

diff --git a/src/charon-tkm/src/tkm/tkm_utils.c b/src/charon-tkm/src/tkm/tkm_utils.c
index 28fcdd1d14..e0c3e5752a 100644
--- a/src/charon-tkm/src/tkm/tkm_utils.c
+++ b/src/charon-tkm/src/tkm/tkm_utils.c
@@ -14,6 +14,8 @@
  * for more details.
  */
 
+#include <utils/debug.h>
+
 #include "tkm_utils.h"
 
 /* Generic variable-length sequence */
@@ -33,8 +35,18 @@ void sequence_to_chunk(const byte_t * const first, const uint32_t len,
 void chunk_to_sequence(const chunk_t * const chunk, void *sequence,
 		const uint32_t typelen)
 {
+	const uint32_t seqlenmax = typelen - sizeof(uint32_t);
 	memset(sequence, 0, typelen);
 	sequence_type *seq = sequence;
-	seq->size = chunk->len;
+	if (chunk->len > seqlenmax)
+	{
+		DBG1(DBG_LIB, "chunk too large to fit into sequence %d > %d, limiting"
+			 " to %d bytes", chunk->len, seqlenmax, seqlenmax);
+		seq->size = seqlenmax;
+	}
+	else
+	{
+		seq->size = chunk->len;
+	}
 	memcpy(seq->data, chunk->ptr, seq->size);
 }