From: Rafal Krypa <r.krypa@samsung.com>
Date: Fri, 16 Jun 2017 09:15:19 +0000 (+0200)
Subject: Fix CVE-2017-6891 in minitasn1 code
X-Git-Tag: accepted/tizen/4.0/unified/20170816.013930^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=HEAD;p=platform%2Fupstream%2Fgnutls.git

Fix CVE-2017-6891 in minitasn1 code

Based on upstream libtasn1 fix:
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=5520704d075802df25ce4ffccc010ba1641bd484

Change-Id: I2c7742b627f9467f68643682e9287cf852a5b2a3
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
---

diff --git a/lib/minitasn1/parser_aux.c b/lib/minitasn1/parser_aux.c
index 2285b20..3d9094c 100644
--- a/lib/minitasn1/parser_aux.c
+++ b/lib/minitasn1/parser_aux.c
@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name)
       if (n_end)
 	{
 	  nsize = n_end - n_start;
+	  if (nsize >= sizeof(n))
+		return NULL;
+
 	  memcpy (n, n_start, nsize);
 	  n[nsize] = 0;
 	  n_start = n_end;
@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name)
       if (n_end)
 	{
 	  nsize = n_end - n_start;
+	  if (nsize >= sizeof(n))
+		return NULL;
+
 	  memcpy (n, n_start, nsize);
 	  n[nsize] = 0;
 	  n_start = n_end;