From be804d75b90865776e2d1174d40b6286a0679b95 Mon Sep 17 00:00:00 2001
From: emaste <emaste@FreeBSD.org>
Date: Tue, 6 Aug 2019 16:11:16 +0000
Subject: [PATCH] MFC r350635: bsnmp: add asn1 message length validation

admbugs:	780
Submitted by:	Guido Vranken, bz
Reported by:	Guido Vranken
Approved by:	so
Security:       CVE-2019-5610
---
 contrib/bsnmp/lib/asn1.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/contrib/bsnmp/lib/asn1.c b/contrib/bsnmp/lib/asn1.c
index 03b5662ed22c..c96ea8c84ff6 100644
--- a/contrib/bsnmp/lib/asn1.c
+++ b/contrib/bsnmp/lib/asn1.c
@@ -100,6 +100,11 @@ asn_get_header(struct asn_buf *b, u_char *type, asn_len_t *len)
 		*len = *b->asn_cptr++;
 		b->asn_len--;
 	}
+	if (*len > b->asn_len) {
+		asn_error(b, "len %u exceeding asn_len %u", *len, b->asn_len);
+		return (ASN_ERR_EOBUF);
+	}
+	
 	return (ASN_ERR_OK);
 }