From: Jakub Bogusz <qboosh@pld-linux.org>
Date: Wed, 31 Jul 2002 09:22:46 +0000 (+0000)
Subject: - missing fixes for ASN.1
X-Git-Tag: openssl-0_9_6c-3~2
X-Git-Url: http://git.pld-linux.org/?p=packages%2Fopenssl.git;a=commitdiff_plain;h=e635c11d0cf336448fa3bfa1a17e172ca28c21c5

- missing fixes for ASN.1

Changed files:
    openssl-0.9.6c-security.patch -> 1.2
---

diff --git a/openssl-0.9.6c-security.patch b/openssl-0.9.6c-security.patch
index 2ded6e2..3244b0c 100644
--- a/openssl-0.9.6c-security.patch
+++ b/openssl-0.9.6c-security.patch
@@ -31,6 +31,41 @@
  #endif
 --- crypto/asn1/asn1_lib.c.orig	Fri Mar 30 06:42:32 2001
 +++ crypto/asn1/asn1_lib.c	Fri Jul 26 10:43:56 2002
+@@ -124,15 +124,13 @@
+ 		(int)(omax+ *pp));
+ 
+ #endif
+-#if 0
+-	if ((p+ *plength) > (omax+ *pp))
++	if (*plength > (omax - (*pp - p)))
+ 		{
+ 		ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
+ 		/* Set this so that even if things are not long enough
+ 		 * the values are set correctly */
+ 		ret|=0x80;
+ 		}
+-#endif
+ 	*pp=p;
+ 	return(ret|inf);
+ err:
+@@ -159,6 +157,8 @@
+ 		i= *p&0x7f;
+ 		if (*(p++) & 0x80)
+ 			{
++			if (i > sizeof(long))
++				return 0;
+ 			if (max-- == 0) return(0);
+ 			while (i-- > 0)
+ 				{
+@@ -170,6 +170,8 @@
+ 		else
+ 			ret=i;
+ 		}
++	if (ret < 0)
++		return 0;
+ 	*pp=p;
+ 	*rl=ret;
+ 	return(1);
 @@ -407,7 +407,7 @@
  
  void asn1_add_error(unsigned char *address, int offset)