From 480db00fd770991a1a9dbcccfbadb24070f57e69 Mon Sep 17 00:00:00 2001
From: Eric Leblond <eric@regit.org>
Date: Mon, 19 Dec 2011 10:20:50 +0100
Subject: [PATCH] tls-handshake: DecodeAsn1BuildValue should return -1 for
 error

This patch modifies DecodeAsn1BuildValue to have it return -1 when
there is a too big number of bytes announced in the ASN.1 message.
---
 src/util-decode-der.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/util-decode-der.c b/src/util-decode-der.c
index 75a1ed3b00..a076263657 100644
--- a/src/util-decode-der.c
+++ b/src/util-decode-der.c
@@ -291,6 +291,8 @@ static int DecodeAsn1BuildValue(const unsigned char **d_ptr, uint32_t *val, uint
         SCLogDebug("Invalid ASN.1 num bytes: %d", numbytes);
         /* too big won't fit: set it to 0xffffffff by convention */
         value = 0xffffffff;
+        *val = value;
+        return -1;
     } else {
         for (i=0; i<numbytes; i++) {
             value = value<<8 | (*d_ptr)[0];