package/strongswan/strongswan-0003-CVE-2013-5018-fix.patch - buildroot - Git at Google

 From 057265e0183ddf52d56f21adaf0db0f3dc6585a4 Mon Sep 17 00:00:00 2001
 From: Tobias Brunner <tobias@strongswan.org>
 Date: Mon, 29 Jul 2013 23:45:38 +0200
 Subject: [PATCH] asn1: Fix handling of invalid ASN.1 length in is_asn1()

 Fixes CVE-2013-5018.
 ---
  src/libstrongswan/asn1/asn1.c |    5 +++++
  1 file changed, 5 insertions(+)

 diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
 index 68f37f4..d860ad9 100644
 --- a/src/libstrongswan/asn1/asn1.c
 +++ b/src/libstrongswan/asn1/asn1.c
 @@ -642,6 +642,11 @@ bool is_asn1(chunk_t blob)

  	len = asn1_length(&blob);

 +	if (len == ASN1_INVALID_LENGTH)
 +	{
 +		return FALSE;
 +	}
 +
  	/* exact match */
  	if (len == blob.len)
  	{
 --
 1.7.10.4
	From 057265e0183ddf52d56f21adaf0db0f3dc6585a4 Mon Sep 17 00:00:00 2001
	From: Tobias Brunner <tobias@strongswan.org>
	Date: Mon, 29 Jul 2013 23:45:38 +0200
	Subject: [PATCH] asn1: Fix handling of invalid ASN.1 length in is_asn1()

	Fixes CVE-2013-5018.
	---
	src/libstrongswan/asn1/asn1.c \| 5 +++++
	1 file changed, 5 insertions(+)

	diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
	index 68f37f4..d860ad9 100644
	--- a/src/libstrongswan/asn1/asn1.c
	+++ b/src/libstrongswan/asn1/asn1.c
	@@ -642,6 +642,11 @@ bool is_asn1(chunk_t blob)

	len = asn1_length(&blob);

	+ if (len == ASN1_INVALID_LENGTH)
	+ {
	+ return FALSE;
	+ }
	+
	/* exact match */
	if (len == blob.len)
	{
	--
	1.7.10.4