From 24ed1d41707f873f3b7a22159e4bb3942f319fac Mon Sep 17 00:00:00 2001
From: mancha <mancha1@zoho.com>
Date: Sun, 1 Jun 2014
Subject: CVE-2014-3468

This is a backport adaptation for use with GnuTLS 2.12.23.

Relevant upstream commit(s):
-------------------------
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=1c3ccb3e040bf1

---
 lib/minitasn1/decoding.c |    7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

--- a/lib/minitasn1/decoding.c
+++ b/lib/minitasn1/decoding.c
@@ -226,7 +226,7 @@ asn1_get_octet_der (const unsigned char
 		    int *ret_len, unsigned char *str, int str_size,
 		    int *str_len)
 {
-  int len_len;
+  int len_len = 0;
 
   if (der_len <= 0)
     return ASN1_GENERIC_ERROR;
@@ -347,7 +347,7 @@ asn1_get_bit_der (const unsigned char *d
 		  int *ret_len, unsigned char *str, int str_size,
 		  int *bit_len)
 {
-  int len_len, len_byte;
+  int len_len = 0, len_byte;
 
   if (der_len <= 0)
     return ASN1_GENERIC_ERROR;
@@ -358,6 +358,9 @@ asn1_get_bit_der (const unsigned char *d
   *ret_len = len_byte + len_len + 1;
   *bit_len = len_byte * 8 - der[len_len];
 
+  if (*bit_len <= 0)
+    return ASN1_DER_ERROR;
+
   if (str_size >= len_byte)
     memcpy (str, der + len_len + 1, len_byte);
   else