apps/s_client.c: harden ldap_ExtendedResponse_parse.

Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
author: Andy Polyakov <appro@openssl.org> 2017-03-02 16:56:44 +0100
committer: Andy Polyakov <appro@openssl.org> 2017-03-04 23:16:17 +0100
commit: 8b0d4242404f9e5da26e7594fa0864b2df4601af (patch)
tree: 617dd1ef5f127b32aa28b0fd4bb970f8466f6395 /apps
parent: 312e9387fddacbcef4148bd3ace25c7db89e374e (diff)
download: openssl-8b0d4242404f9e5da26e7594fa0864b2df4601af.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index b48c3066a7..e180772e7f 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -3091,6 +3091,8 @@ static int ldap_ExtendedResponse_parse(const char *buf, long rem)
         goto end;
     }
 
+    rem = len;  /* ensure that we don't overstep the SEQUENCE */
+
     /* pull MessageID */
     inf = ASN1_get_object(&cur, &len, &tag, &xclass, rem);
     if (inf != V_ASN1_UNIVERSAL || tag != V_ASN1_INTEGER ||
author	Andy Polyakov <appro@openssl.org>	2017-03-02 16:56:44 +0100
committer	Andy Polyakov <appro@openssl.org>	2017-03-04 23:16:17 +0100
commit	8b0d4242404f9e5da26e7594fa0864b2df4601af (patch)
tree	617dd1ef5f127b32aa28b0fd4bb970f8466f6395 /apps
parent	312e9387fddacbcef4148bd3ace25c7db89e374e (diff)
download	openssl-8b0d4242404f9e5da26e7594fa0864b2df4601af.tar.gz