[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-82-gc5bd1ca

[Nikos Mavrogiannopoulos]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=c5bd1cab82a0963327244788df3ac5c42ffea68d

The branch, master has been updated
       via  c5bd1cab82a0963327244788df3ac5c42ffea68d (commit)
      from  3fcb006e28f946fa73660c0dc6c844a76cbc0f84 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c5bd1cab82a0963327244788df3ac5c42ffea68d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Mon Nov 5 22:06:05 2012 +0100

    set an upper limit to SRTP profiles in hello message.

-----------------------------------------------------------------------

Summary of changes:
 lib/ext/srtp.c |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/lib/ext/srtp.c b/lib/ext/srtp.c
index 485d429..48df7d4 100644
--- a/lib/ext/srtp.c
+++ b/lib/ext/srtp.c
@@ -145,6 +145,8 @@ int gnutls_srtp_get_profile_id (const char *name,
   return 0;
 }
 
+#define MAX_PROFILES_IN_SRTP_EXTENSION 256
+
 /**
  * gnutls_srtp_get_profile_name
  * @profile: The profile to look up a string for
@@ -192,6 +194,12 @@ _gnutls_srtp_recv_params (gnutls_session_t session,
   len = _gnutls_read_uint16 (p);
   p += 2;
 
+  if (len+1 > data_size)
+    return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
+  
+  if (len > MAX_PROFILES_IN_SRTP_EXTENSION*2)
+    return 0;
+
   while (len > 0)
     {
       DECR_LEN (data_size, 2);


hooks/post-receive
-- 
GNU gnutls