diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2014-02-14 15:06:57 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2014-02-14 15:06:57 +0100 |
commit | 1f9e4d029eb13db90644525ef366ae858ea15cdf (patch) | |
tree | 39a7d4809115d6bc47278b571a936cbd90fa9373 | |
parent | 5645ad2976cc6d6cee025162ecd457574d748def (diff) | |
download | strongswan-5.1.2rc1.tar.bz2 strongswan-5.1.2rc1.tar.xz |
Fixed a minor vulnerability in which a malformed ASN.1 length field could cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.5.1.2rc1
-rw-r--r-- | src/libstrongswan/asn1/asn1_parser.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/libstrongswan/asn1/asn1_parser.c b/src/libstrongswan/asn1/asn1_parser.c index c31fb75f0..e7b7a428d 100644 --- a/src/libstrongswan/asn1/asn1_parser.c +++ b/src/libstrongswan/asn1/asn1_parser.c @@ -160,6 +160,7 @@ METHOD(asn1_parser_t, iterate, bool, DBG1(DBG_ASN, "L%d - %s: length of ASN.1 object invalid or too large", level, obj.name); this->success = FALSE; + goto end; } blob1->ptr = blob->ptr; |