From 22fd12b290adea788122044cb58dc9e77754644f Mon Sep 17 00:00:00 2001
From: Vivek Kumbhar
Date: Thu, 17 Nov 2022 12:07:50 +0530
Subject: [PATCH] CVE-2021-46848
Upstream-Status: Backport [https://gitlab.com/gnutls/libtasn1/-/commit/44a700d2051a666235748970c2df047ff207aeb5]
CVE: CVE-2021-46848
Signed-off-by: Vivek Kumbhar
Fix ETYPE_OK off by one array size check.
---
 NEWS | 4 ++++
 lib/int.h | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index f042481..d8f684e 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,9 @@
 GNU Libtasn1 NEWS -*- outline -*-
+* Noteworthy changes in release ?.? (????-??-??) [?]
+- Fix ETYPE_OK out of bounds read. Closes: #32.
+- Update gnulib files and various maintenance fixes.
+
 * Noteworthy changes in release 4.16.0 (released 2020-02-01) [stable]
 - asn1_decode_simple_ber: added support for constructed definite octet strings. This allows this function decode the whole set of
diff --git a/lib/int.h b/lib/int.h
index ea16257..c877282 100644
--- a/lib/int.h
+++ b/lib/int.h
@@ -97,7 +97,7 @@ typedef struct tag_and_class_st
 #define ETYPE_TAG(etype) (_asn1_tags[etype].tag)
 #define ETYPE_CLASS(etype) (_asn1_tags[etype].class)
 #define ETYPE_OK(etype) (((etype) != ASN1_ETYPE_INVALID && \
- (etype) <= _asn1_tags_size && \
+ (etype) < _asn1_tags_size && \
 _asn1_tags[(etype)].desc != NULL)?1:0)
 #define ETYPE_IS_STRING(etype) ((etype == ASN1_ETYPE_GENERALSTRING || \
--
2.25.1
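Review bot: ETYPE_TAG and ETYPE_CLASS, the context lines just above the corrected ETYPE_OK in lib/int.h, still index `_asn1_tags[etype]` with no range check and without parenthesising the argument. The `<` fix therefore only protects call sites that test ETYPE_OK first, and nothing in the header states that contract. I would add a comment above the three macros, such as `/* ETYPE_TAG and ETYPE_CLASS do no bounds check: callers must test ETYPE_OK(etype) first. */`, and write the index as `_asn1_tags[(etype)]` to match ETYPE_OK. The declarations of `_asn1_tags_size` and of the values passed as `etype` are outside the hunk; if both were signed, a negative `etype` would still satisfy the new comparison, so it is worth confirming they are unsigned. The macro block continues past the end of the hunk (ETYPE_IS_STRING is cut off).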