Imported Upstream version 1.3.4

[platform/upstream/libksba.git] / src / ber-help.c

diff --git a/src/ber-help.c b/src/ber-help.c
index f6a6692..87109f3 100644 (file)
--- a/src/ber-help.c
+++ b/src/ber-help.c
@@ -285,9 +285,15 @@ _ksba_ber_parse_tl (unsigned char const **buffer, size_t *size,
           ti->buf[ti->nhdr++] = c;
           len |= c & 0xff;
         }
+      /* Sanity check for the length: This is done so that we can take
+       * the value for malloc plus some additional bytes without
+       * risking an overflow.  */
+      if (len > (1 << 30))
+        return gpg_error (GPG_ERR_BAD_BER);
       ti->length = len;
     }
 
+
   /* Without this kludge some example certs can't be parsed */
   if (ti->class == CLASS_UNIVERSAL && !ti->tag)
     ti->length = 0;