- missing fixes for ASN.1
authorJakub Bogusz <qboosh@pld-linux.org>
Wed, 31 Jul 2002 09:22:46 +0000 (09:22 +0000)
committercvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
Changed files:
    openssl-0.9.6c-security.patch -> 1.2

openssl-0.9.6c-security.patch

index 2ded6e282138bddea67ecfdcf6f13b3cd78fbe8a..3244b0c7591f868378dacd8fb6d6841bb2758909 100644 (file)
  #endif
 --- crypto/asn1/asn1_lib.c.orig        Fri Mar 30 06:42:32 2001
 +++ crypto/asn1/asn1_lib.c     Fri Jul 26 10:43:56 2002
+@@ -124,15 +124,13 @@
+               (int)(omax+ *pp));
+ #endif
+-#if 0
+-      if ((p+ *plength) > (omax+ *pp))
++      if (*plength > (omax - (*pp - p)))
+               {
+               ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
+               /* Set this so that even if things are not long enough
+                * the values are set correctly */
+               ret|=0x80;
+               }
+-#endif
+       *pp=p;
+       return(ret|inf);
+ err:
+@@ -159,6 +157,8 @@
+               i= *p&0x7f;
+               if (*(p++) & 0x80)
+                       {
++                      if (i > sizeof(long))
++                              return 0;
+                       if (max-- == 0) return(0);
+                       while (i-- > 0)
+                               {
+@@ -170,6 +170,8 @@
+               else
+                       ret=i;
+               }
++      if (ret < 0)
++              return 0;
+       *pp=p;
+       *rl=ret;
+       return(1);
 @@ -407,7 +407,7 @@
  
  void asn1_add_error(unsigned char *address, int offset)
This page took 0.040772 seconds and 4 git commands to generate.