- massive cleaning

[packages/openssl.git] / openssl-0.9.6c-security.patch

diff --git a/openssl-0.9.6c-security.patch b/openssl-0.9.6c-security.patch
index 3244b0c7591f868378dacd8fb6d6841bb2758909..92daecfe5b50b284efb984c679c530ef8296a083 100644 (file)
--- a/openssl-0.9.6c-security.patch
+++ b/openssl-0.9.6c-security.patch
@@ -31,13 +31,21 @@
  #endif
 --- crypto/asn1/asn1_lib.c.orig        Fri Mar 30 06:42:32 2001
 +++ crypto/asn1/asn1_lib.c     Fri Jul 26 10:43:56 2002
+@@ -57,6 +57,7 @@
+  */
+ 
+ #include <stdio.h>
++#include <limits.h>
+ #include "cryptlib.h"
+ #include <openssl/asn1.h>
+ #include <openssl/asn1_mac.h>
 @@ -124,15 +124,13 @@
                (int)(omax+ *pp));
  
  #endif
 -#if 0
 -      if ((p+ *plength) > (omax+ *pp))
-+      if (*plength > (omax - (*pp - p)))
++      if (*plength > (omax - (p - *pp)))
                {
                ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
                /* Set this so that even if things are not long enough
@@ -48,6 +56,15 @@
        *pp=p;
        return(ret|inf);
  err:
+@@ -143,7 +142,7 @@
+ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
+       {
+       unsigned char *p= *pp;
+-      long ret=0;
++      unsigned long ret=0;
+       int i;
+ 
+       if (max-- < 1) return(0);
 @@ -159,6 +157,8 @@
                i= *p&0x7f;
                if (*(p++) & 0x80)
@@ -57,15 +74,18 @@
                        if (max-- == 0) return(0);
                        while (i-- > 0)
                                {
-@@ -170,6 +170,8 @@
+@@ -170,8 +171,10 @@
                else
                        ret=i;
                }
-+      if (ret < 0)
++      if (ret > LONG_MAX)
 +              return 0;
        *pp=p;
-       *rl=ret;
+-      *rl=ret;
++      *rl=(long)ret;
        return(1);
+       }
+  
 @@ -407,7 +407,7 @@
  
  void asn1_add_error(unsigned char *address, int offset)