X-Git-Url: http://git.pld-linux.org/?p=packages%2Fopenssl.git;a=blobdiff_plain;f=openssl-0.9.6c-security.patch;h=92daecfe5b50b284efb984c679c530ef8296a083;hp=2ded6e282138bddea67ecfdcf6f13b3cd78fbe8a;hb=a0aad36188b596b0d48bc528ad03697061ddd44e;hpb=9920e6ec3c456be34bf62ee65820a3eccbd06529

diff --git a/openssl-0.9.6c-security.patch b/openssl-0.9.6c-security.patch
index 2ded6e2..92daecf 100644
--- a/openssl-0.9.6c-security.patch
+++ b/openssl-0.9.6c-security.patch
@@ -31,6 +31,61 @@
  #endif
 --- crypto/asn1/asn1_lib.c.orig	Fri Mar 30 06:42:32 2001
 +++ crypto/asn1/asn1_lib.c	Fri Jul 26 10:43:56 2002
+@@ -57,6 +57,7 @@
+  */
+ 
+ #include <stdio.h>
++#include <limits.h>
+ #include "cryptlib.h"
+ #include <openssl/asn1.h>
+ #include <openssl/asn1_mac.h>
+@@ -124,15 +124,13 @@
+ 		(int)(omax+ *pp));
+ 
+ #endif
+-#if 0
+-	if ((p+ *plength) > (omax+ *pp))
++	if (*plength > (omax - (p - *pp)))
+ 		{
+ 		ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
+ 		/* Set this so that even if things are not long enough
+ 		 * the values are set correctly */
+ 		ret|=0x80;
+ 		}
+-#endif
+ 	*pp=p;
+ 	return(ret|inf);
+ err:
+@@ -143,7 +142,7 @@
+ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
+ 	{
+ 	unsigned char *p= *pp;
+-	long ret=0;
++	unsigned long ret=0;
+ 	int i;
+ 
+ 	if (max-- < 1) return(0);
+@@ -159,6 +157,8 @@
+ 		i= *p&0x7f;
+ 		if (*(p++) & 0x80)
+ 			{
++			if (i > sizeof(long))
++				return 0;
+ 			if (max-- == 0) return(0);
+ 			while (i-- > 0)
+ 				{
+@@ -170,8 +171,10 @@
+ 		else
+ 			ret=i;
+ 		}
++	if (ret > LONG_MAX)
++		return 0;
+ 	*pp=p;
+-	*rl=ret;
++	*rl=(long)ret;
+ 	return(1);
+ 	}
+  
 @@ -407,7 +407,7 @@
  
  void asn1_add_error(unsigned char *address, int offset)