Bugzilla – Attachment 14719 Details for Bug 46906
VUL-0: CVE-2003-0543: openssl ASN1 parsing bugs
[patch] appliable patch for 0.9.7b
openssl-0.9.7b-asn1.dif (text/plain), 1.87 KB, created by Peter Poeml on 2003-09-30 23:03:29 UTC
>diff -uNr openssl-0.9.7b.orig/crypto/asn1/asn1_lib.c openssl-0.9.7b/crypto/asn1/asn1_lib.c >--- openssl-0.9.7b.orig/crypto/asn1/asn1_lib.c 2002-08-02 21:03:41.000000000 +0200 >+++ openssl-0.9.7b/crypto/asn1/asn1_lib.c 2003-09-30 16:04:04.000000000 +0200 >@@ -104,10 +104,12 @@ > l<<=7L; > l|= *(p++)&0x7f; > if (--max == 0) goto err; >+ if (l > (INT_MAX >> 7L)) goto err; > } > l<<=7L; > l|= *(p++)&0x7f; > tag=(int)l; >+ if (--max == 0) goto err; > } > else > { >diff -uNr openssl-0.9.7b.orig/crypto/asn1/tasn_dec.c openssl-0.9.7b/crypto/asn1/tasn_dec.c >--- openssl-0.9.7b.orig/crypto/asn1/tasn_dec.c 2002-11-12 14:21:26.000000000 +0100 >+++ openssl-0.9.7b/crypto/asn1/tasn_dec.c 2003-09-30 16:07:00.000000000 +0200 >@@ -691,6 +691,7 @@ > > int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) > { >+ ASN1_VALUE **opval = NULL; > ASN1_STRING *stmp; > ASN1_TYPE *typ = NULL; > int ret = 0; >@@ -705,6 +706,7 @@ > *pval = (ASN1_VALUE *)typ; > } else typ = (ASN1_TYPE *)*pval; > if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); >+ opval = pval; > pval = (ASN1_VALUE **)&typ->value.ptr; > } > switch(utype) { >@@ -796,7 +798,12 @@ > > ret = 1; > err: >- if(!ret) ASN1_TYPE_free(typ); >+ if(!ret) >+ { >+ ASN1_TYPE_free(typ); >+ if (opval) >+ *opval = NULL; >+ } > return ret; > } > >diff -uNr openssl-0.9.7b.orig/crypto/x509/x509_vfy.c openssl-0.9.7b/crypto/x509/x509_vfy.c >--- openssl-0.9.7b.orig/crypto/x509/x509_vfy.c 2003-03-24 17:58:01.000000000 +0100 >+++ openssl-0.9.7b/crypto/x509/x509_vfy.c 2003-09-30 16:07:33.000000000 +0200 >@@ -674,7 +674,7 @@ > ok=(*cb)(0,ctx); > if (!ok) goto end; > } >- if (X509_verify(xs,pkey) <= 0) >+ else if (X509_verify(xs,pkey) <= 0) > /* XXX For the final trusted self-signed cert, > * this is a waste of time. That check should > * optional so that e.g. 'openssl x509' can be
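Review bot: In the crypto/asn1/asn1_lib.c hunk, the new guard "if (l > (INT_MAX >> 7L)) goto err;" depends on INT_MAX, but the patch adds no include to this file; confirm limits.h is already pulled in there, otherwise add it in the same change. The guard is also uncommented, and its placement is not obvious: it sits after the "l|=" inside the loop, so it protects the next "l<<=7L" (including the one after the loop) and the later "tag=(int)l" cast. A one-line comment saying so would keep someone from moving it. The second added line, "if (--max == 0) goto err;", runs after "l|= *(p++)&0x7f" has already read the final tag byte, so it only rejects input with nothing left after the tag; a comment stating that intent would help as well.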
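Review bot: In the err: hunk of asn1_ex_c2i in crypto/asn1/tasn_dec.c, "*opval = NULL" is applied for both ways typ is obtained, because "opval = pval" is set after the if/else, so it also covers the "else typ = (ASN1_TYPE *)*pval" branch where the caller supplied the object. On failure the caller's pointer is therefore cleared after ASN1_TYPE_free(typ), which is what stops it from pointing at freed memory, but nothing in the code says so. Please add a comment at the err: label stating that the slot is reset because typ has just been freed, and one at the declaration "ASN1_VALUE **opval = NULL;" saying it keeps the original pval before pval is redirected to &typ->value.ptr.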
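Review bot: In the crypto/x509/x509_vfy.c hunk, the changed line "else if (X509_verify(xs,pkey) <= 0)" attaches to an if whose condition lies outside the visible context, and the preceding block ends with "ok=(*cb)(0,ctx); if (!ok) goto end;". With the else, a callback that returns non-zero now skips X509_verify for that certificate entirely. That is a behaviour change for anyone whose verify callback overrides errors, so it should be spelled out in a comment on the else branch. Since the else-if is followed directly by a multi-line comment before its body, putting braces around both branches would make the control flow harder to misread.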