X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Fliblber%2Fio.c;h=0726d82895e4b45f2e40a1151037a20d9e6a1d14;hb=bcf64b6e1ed94b95c0967005cbefdd8b386fb86c;hp=1e2df83cdaf470052394b356fc36c5699b5aeb19;hpb=54733bfc15fd7308c0780dca61f311d0f91f1157;p=openldap

diff --git a/libraries/liblber/io.c b/libraries/liblber/io.c
index 1e2df83cda..0726d82895 100644
--- a/libraries/liblber/io.c
+++ b/libraries/liblber/io.c
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2014 The OpenLDAP Foundation.
+ * Copyright 1998-2015 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -656,7 +656,8 @@ ber_get_next(
 		ber_slen_t to_go;
 		
 		to_go = ber->ber_end - ber->ber_rwptr;
-		assert( to_go > 0 );
+		/* unsigned/signed overflow */
+		if (to_go<0) return LBER_DEFAULT;
 		
 		sock_errset(0);
 		res = ber_int_sb_read( sb, ber->ber_rwptr, to_go );
@@ -679,7 +680,7 @@ done:
 		return (ber->ber_tag);
 	}
 
-	assert( 0 ); /* ber structure is messed up ?*/
+	/* invalid input */
 	return LBER_DEFAULT;
 }