From e8120632ae302fe1e12eeec9baf1a70d33456ca8 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 11 May 2012 16:05:55 +0200
Subject: Don't use chunk_skip() in asn1_length().

chunk_skip() returns chunk_empty if the length of the chunk is equal to
the number of bytes to skip, this is problematic as asn1_length() modifies
the original chunk.  asn1_parser_t for instance uses the modified chunk to
later calculate the length of the resulting ASN.1 object which produces
incorrect results if it is based on chunk_empty.
---
 src/libstrongswan/asn1/asn1.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index 4cb38d126..8adab8580 100644
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -228,7 +228,8 @@ size_t asn1_length(chunk_t *blob)
 
 	/* read length field, skip tag and length */
 	n = blob->ptr[1];
-	*blob = chunk_skip(*blob, 2);
+	blob->ptr += 2;
+	blob->len -= 2;
 
 	if ((n & 0x80) == 0)
 	{	/* single length octet */
-- 
cgit v1.2.3