X-Git-Url: http://git.pld-linux.org/?p=packages%2Fopenssl.git;a=blobdiff_plain;f=openssl-0.9.6c-security.patch;h=92daecfe5b50b284efb984c679c530ef8296a083;hp=3244b0c7591f868378dacd8fb6d6841bb2758909;hb=a0aad36188b596b0d48bc528ad03697061ddd44e;hpb=e635c11d0cf336448fa3bfa1a17e172ca28c21c5

diff --git a/openssl-0.9.6c-security.patch b/openssl-0.9.6c-security.patch
index 3244b0c..92daecf 100644
--- a/openssl-0.9.6c-security.patch
+++ b/openssl-0.9.6c-security.patch
@@ -31,13 +31,21 @@
  #endif
 --- crypto/asn1/asn1_lib.c.orig	Fri Mar 30 06:42:32 2001
 +++ crypto/asn1/asn1_lib.c	Fri Jul 26 10:43:56 2002
+@@ -57,6 +57,7 @@
+  */
+ 
+ #include <stdio.h>
++#include <limits.h>
+ #include "cryptlib.h"
+ #include <openssl/asn1.h>
+ #include <openssl/asn1_mac.h>
 @@ -124,15 +124,13 @@
  		(int)(omax+ *pp));
  
  #endif
 -#if 0
 -	if ((p+ *plength) > (omax+ *pp))
-+	if (*plength > (omax - (*pp - p)))
++	if (*plength > (omax - (p - *pp)))
  		{
  		ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
  		/* Set this so that even if things are not long enough
@@ -48,6 +56,15 @@
  	*pp=p;
  	return(ret|inf);
  err:
+@@ -143,7 +142,7 @@
+ static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
+ 	{
+ 	unsigned char *p= *pp;
+-	long ret=0;
++	unsigned long ret=0;
+ 	int i;
+ 
+ 	if (max-- < 1) return(0);
 @@ -159,6 +157,8 @@
  		i= *p&0x7f;
  		if (*(p++) & 0x80)
@@ -57,15 +74,18 @@
  			if (max-- == 0) return(0);
  			while (i-- > 0)
  				{
-@@ -170,6 +170,8 @@
+@@ -170,8 +171,10 @@
  		else
  			ret=i;
  		}
-+	if (ret < 0)
++	if (ret > LONG_MAX)
 +		return 0;
  	*pp=p;
- 	*rl=ret;
+-	*rl=ret;
++	*rl=(long)ret;
  	return(1);
+ 	}
+  
 @@ -407,7 +407,7 @@
  
  void asn1_add_error(unsigned char *address, int offset)