diff -urN strongswan-4.2.15/src/libstrongswan/asn1/asn1.c strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1.c
--- strongswan-4.2.15/src/libstrongswan/asn1/asn1.c	2009-05-26 14:15:08.000000000 +0200
+++ strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1.c	2009-06-18 22:12:11.000000000 +0200
@@ -261,6 +261,11 @@
 		len = 256*len + *blob->ptr++;
 		blob->len--;
 	}
+	if (len > blob->len)
+	{
+		DBG2("length is larger than remaining blob size");
+		return ASN1_INVALID_LENGTH;
+	}
 	return len;
 }
 
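Review bot: The added `if (len > blob->len)` sits after the multi-octet loop, so only a length that falls out of that loop is compared with the remaining blob size. asn1_length starts above this hunk; if it has an earlier return (for instance for a length held in a single octet), that path would hand an unchecked value back to the caller. That matters because this patch also removes the caller-side `blob->len < blob1->len` test in asn1_parser.c. Every path that returns a length should go through the same comparison, and the function should carry a comment such as `/* returns ASN1_INVALID_LENGTH if the encoded length exceeds the remaining blob */`. The check is placed the same way in src/pluto/asn1.c (the -191 hunk) and has the same gap.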
diff -urN strongswan-4.2.15/src/libstrongswan/asn1/asn1_parser.c strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1_parser.c
--- strongswan-4.2.15/src/libstrongswan/asn1/asn1_parser.c	2009-05-26 14:15:08.000000000 +0200
+++ strongswan-4.2.15_asn1_rdn/src/libstrongswan/asn1/asn1_parser.c	2009-06-18 22:12:11.000000000 +0200
@@ -160,7 +160,7 @@
 	
 	blob1->len = asn1_length(blob);
 	
-	if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len)
+	if (blob1->len == ASN1_INVALID_LENGTH)
 	{
 		DBG1("L%d - %s:  length of ASN.1 object invalid or too large", 
 					level, obj.name);
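Review bot: Dropping `|| blob->len < blob1->len` from this condition leaves asn1_length as the only place that bounds the object length against the remaining input. Any return path in asn1_length that skips its new check is then no longer caught before blob1 is used. The comparison is a single cheap test, so I would keep it as a second guard: `if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len)`. The same removal is made in src/pluto/asn1.c (the -592 hunk). The enclosing function starts and ends outside this hunk, so how blob1 is consumed afterwards is not visible here.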
diff -urN strongswan-4.2.15/src/pluto/asn1.c strongswan-4.2.15_asn1_rdn/src/pluto/asn1.c
--- strongswan-4.2.15/src/pluto/asn1.c	2009-05-26 14:15:08.000000000 +0200
+++ strongswan-4.2.15_asn1_rdn/src/pluto/asn1.c	2009-06-18 22:19:53.000000000 +0200
@@ -191,6 +191,13 @@
 	len = 256*len + *blob->ptr++;
 	blob->len--;
     }
+    if (len > blob->len)
+    {
+	DBG(DBG_PARSING,
+	    DBG_log("length is larger than remaining blob size")
+	)
+	return ASN1_INVALID_LENGTH;
+    }
     return len;
 }
 
@@ -592,7 +599,7 @@
 
     blob1->len = asn1_length(blob);
 
-    if (blob1->len == ASN1_INVALID_LENGTH || blob->len < blob1->len)
+    if (blob1->len == ASN1_INVALID_LENGTH)
     {
 	DBG(DBG_PARSING,
 	    DBG_log("L%d - %s:  length of ASN.1 object invalid or too large",
