From 9c8f570caee46c319b79396a7715f00a02a9066f Mon Sep 17 00:00:00 2001
From: weidai <weidai@57ff6487-cd31-0410-9ec3-f628ee90f5f0>
Date: Fri, 18 Jun 2010 00:57:26 +0000
Subject: [PATCH] check for integer overflow in OID::DecodeValue()

---
 trunk/c5/asn.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/trunk/c5/asn.cpp b/trunk/c5/asn.cpp
index 3ebbaf76..8ae1ad65 100644
--- a/trunk/c5/asn.cpp
+++ b/trunk/c5/asn.cpp
@@ -232,6 +232,8 @@ size_t OID::DecodeValue(BufferedTransformation &bt, word32 &v)
 		if (!bt.Get(b))
 			BERDecodeError();
 		i++;
+		if (v >> (8*sizeof(v)-7))	// v about to overflow
+			BERDecodeError();
 		v <<= 7;
 		v += b & 0x7f;
 		if (!(b & 0x80))