Fixed a minor vulnerability in which a malformed ASN.1 length field could cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.5.1.2rc1

author: Andreas Steffen <andreas.steffen@strongswan.org> 2014-02-14 15:06:57 +0100
committer: Andreas Steffen <andreas.steffen@strongswan.org> 2014-02-14 15:06:57 +0100
commit: 1f9e4d029eb13db90644525ef366ae858ea15cdf (patch)
tree: 39a7d4809115d6bc47278b571a936cbd90fa9373
parent: 5645ad2976cc6d6cee025162ecd457574d748def (diff)
download: strongswan-5.1.2rc1.tar.bz2
strongswan-5.1.2rc1.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c
index c31fb75f0..e7b7a428d 100644
--- a/src/libstrongswan/asn1/asn1_parser.c
+++ b/src/libstrongswan/asn1/asn1_parser.c
@@ -160,6 +160,7 @@ METHOD(asn1_parser_t, iterate, bool,
 		DBG1(DBG_ASN, "L%d - %s:  length of ASN.1 object invalid or too large",
 					level, obj.name);
 		this->success = FALSE;
+		goto end;
 	}
 
 	blob1->ptr = blob->ptr;
author	Andreas Steffen <andreas.steffen@strongswan.org>	2014-02-14 15:06:57 +0100
committer	Andreas Steffen <andreas.steffen@strongswan.org>	2014-02-14 15:06:57 +0100
commit	1f9e4d029eb13db90644525ef366ae858ea15cdf (patch)
tree	39a7d4809115d6bc47278b571a936cbd90fa9373
parent	5645ad2976cc6d6cee025162ecd457574d748def (diff)
download	strongswan-5.1.2rc1.tar.bz2 strongswan-5.1.2rc1.tar.xz