From: Andy Polyakov
Date: Thu, 2 Mar 2017 15:56:44 +0000 (+0100)
Subject: apps/s_client.c: harden ldap_ExtendedResponse_parse.
X-Git-Tag: OpenSSL_1_1_1-pre1~2114
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=8b0d4242404f9e5da26e7594fa0864b2df4601af;p=oweals%2Fopenssl.git

apps/s_client.c: harden ldap_ExtendedResponse_parse.

Reviewed-by: Rich Salz
Reviewed-by: Richard Levitte
---

diff --git a/apps/s_client.c b/apps/s_client.c
index b48c3066a7..e180772e7f 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -3091,6 +3091,8 @@ static int ldap_ExtendedResponse_parse(const char *buf, long rem)
 goto end;
 }
 
+ rem = len; /* ensure that we don't overstep the SEQUENCE */
+
 /* pull MessageID */
 inf = ASN1_get_object(&cur, &len, &tag, &xclass, rem);
 if (inf != V_ASN1_UNIVERSAL || tag != V_ASN1_INTEGER ||
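Review bot: The added `rem = len;` bounds only the `ASN1_get_object()` call that immediately follows it, so the hardening covers the rest of the message only if no later statement recomputes `rem` from the end of the whole buffer. The condition that starts on the last line of the hunk is cut off and the rest of ldap_ExtendedResponse_parse lies outside it, so this cannot be confirmed here; if such a recomputation exists, whatever end-of-data reference it uses should be narrowed to the SEQUENCE at the same point. The assignment also relies on the preceding check, which is not visible, having rejected both a `len` larger than the remaining input and an indefinite-length encoding. I would record that invariant in the comment, e.g. `/* len was validated above; all further parsing must stay inside the SEQUENCE */`.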