From d4ff19de527cd3eb444c560639324cda35bc838e Mon Sep 17 00:00:00 2001
From: mancha <mancha1@zoho.com>
Date: Sun, 1 Jun 2014
Subject: CVE-2014-3467

This is a backport adaptation for use with GnuTLS 2.12.23.

Relevant upstream commit(s):
-------------------------
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=ff3b5c68cc32e3
http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=51612fca32dda4

---
 lib/minitasn1/decoding.c |    6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

--- a/lib/minitasn1/decoding.c
+++ b/lib/minitasn1/decoding.c
@@ -149,7 +149,7 @@ asn1_get_tag_der (const unsigned char *d
       /* Long form */
       punt = 1;
       ris = 0;
-      while (punt <= der_len && der[punt] & 128)
+      while (punt < der_len && der[punt] & 128)
 	{
 	  last = ris;
 
@@ -259,7 +259,7 @@ _asn1_get_time_der (const unsigned char
   if (der_len <= 0 || str == NULL)
     return ASN1_DER_ERROR;
   str_len = asn1_get_length_der (der, der_len, &len_len);
-  if (str_len < 0 || str_size < str_len)
+  if (str_len <= 0 || str_size < str_len)
     return ASN1_DER_ERROR;
   memcpy (str, der + len_len, str_len);
   str[str_len] = 0;
@@ -285,7 +285,7 @@ _asn1_get_objectid_der (const unsigned c
     return ASN1_GENERIC_ERROR;
   len = asn1_get_length_der (der, der_len, &len_len);
 
-  if (len < 0 || len > der_len || len_len > der_len)
+  if (len <= 0 || len > der_len || len_len > der_len)
     return ASN1_DER_ERROR;
 
   val1 = der[len_len] / 40;