From c0dd91159103e0be75cb53b2562acad992171ded Mon Sep 17 00:00:00 2001
From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Thu, 31 Mar 2016 14:28:24 +0200
Subject: [PATCH] util-decode-der: fix heap-buffer-overflow

---
 src/util-decode-der.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/util-decode-der.c b/src/util-decode-der.c
index 05c4671ad8..67e7b0dda9 100644
--- a/src/util-decode-der.c
+++ b/src/util-decode-der.c
@@ -742,6 +742,9 @@ Asn1Generic * DecodeDer(const unsigned char *buffer, uint32_t size, uint32_t *er
     Asn1Generic *cert;
     uint8_t c;
 
+    if (size < 2)
+        return NULL;
+
     /* Check that buffer is an ASN.1 structure (basic checks) */
     if (d_ptr[0] != 0x30 && d_ptr[1] != 0x82) /* Sequence */
         return NULL;