X-Git-Url: http://git.indexdata.com/?a=blobdiff_plain;f=odr%2Fber_len.c;h=b4fdba606396671f18741df47bc4e6e456690b3a;hb=9241daf8b3104b67b2801872d0e07d6762f78b47;hp=ee705635386130f10fc2fe495c9b6b76d207f4b8;hpb=aa82967af8f06004b567ad1ed40c67b056c44e7b;p=yaz-moved-to-github.git

diff --git a/odr/ber_len.c b/odr/ber_len.c
index ee70563..b4fdba6 100644
--- a/odr/ber_len.c
+++ b/odr/ber_len.c
@@ -1,5 +1,16 @@
+/*
+ * Copyright (C) 1995-2003, Index Data.
+ * See the file LICENSE for details.
+ * Sebastian Hammer, Adam Dickmeiss
+ *
+ * $Id: ber_len.c,v 1.12 2003-03-11 11:03:31 adam Exp $
+ */
+#if HAVE_CONFIG_H
+#include <config.h>
+#endif
+
 #include <stdio.h>
-#include <odr.h>
+#include "odr-priv.h"
 
 /*
  * Encode BER length octets. If exact, lenlen is the exact desired
@@ -73,11 +84,13 @@ int ber_enclen(ODR o, int len, int lenlen, int exact)
  * len = -1   indefinite.
  * len >= 0    Length.
  */
-int ber_declen(unsigned char *buf, int *len)
+int ber_declen(const unsigned char *buf, int *len, int max)
 {
-    unsigned char *b = buf;
+    const unsigned char *b = buf;
     int n;
 
+    if (max < 1)
+        return -1;
     if (*b == 0X80)     /* Indefinite */
     {
     	*len = -1;
@@ -98,13 +111,17 @@ int ber_declen(unsigned char *buf, int *len)
 	return -1;
     /* indefinite long form */ 
     n = *b & 0X7F;
+    if (n >= max)
+        return -1;
     *len = 0;
     b++;
-    while (n--)
+    while (--n >= 0)
     {
     	*len <<= 8;
     	*len |= *(b++);
     }
+    if (*len < 0)
+        return -1;
 #ifdef ODR_DEBUG
     fprintf(stderr, "[len=%d]", *len);
 #endif