Bugzilla – Attachment 14720 Details for
Bug 46906
VUL-0: CVE-2003-0543: openssl ASN1 parsing bugs
[patch]
patch for < 0.9.6f
openssl-engine-0.9.6d-asn1.dif (text/plain), 1.08 KB, created by
Peter Poeml
on 2003-09-30 23:29:53 UTC
>diff -uNr openssl-0.9.6d.orig/crypto/asn1/asn1_lib.c openssl-0.9.6d/crypto/asn1/asn1_lib.c >--- openssl-0.9.6d.orig/crypto/asn1/asn1_lib.c 2001-03-30 15:42:32.000000000 +0200 >+++ openssl-0.9.6d/crypto/asn1/asn1_lib.c 2003-09-30 17:16:17.000000000 +0200 >@@ -57,6 +57,7 @@ > */ > > #include <stdio.h> >+#include <limits.h> > #include "cryptlib.h" > #include <openssl/asn1.h> > #include <openssl/asn1_mac.h> >@@ -103,10 +104,12 @@ > l<<=7L; > l|= *(p++)&0x7f; > if (--max == 0) goto err; >+ if (l > (INT_MAX >> 7L)) goto err; > } > l<<=7L; > l|= *(p++)&0x7f; > tag=(int)l; >+ if (--max == 0) goto err; > } > else > { >diff -uNr openssl-0.9.6d.orig/crypto/x509/x509_vfy.c openssl-0.9.6d/crypto/x509/x509_vfy.c >--- openssl-0.9.6d.orig/crypto/x509/x509_vfy.c 2001-07-30 13:51:06.000000000 +0200 >+++ openssl-0.9.6d/crypto/x509/x509_vfy.c 2003-09-30 17:16:03.000000000 +0200 >@@ -490,7 +490,7 @@ > ok=(*cb)(0,ctx); > if (!ok) goto end; > } >- if (X509_verify(xs,pkey) <= 0) >+ else if (X509_verify(xs,pkey) <= 0) > { > ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; > ctx->current_cert=xs;
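Review bot: In the asn1_lib.c hunk at -103,10, the new `if (l > (INT_MAX >> 7L)) goto err;` has no comment saying why the bound is INT_MAX shifted by 7, and its correctness depends on the declared type of `l`, which lies outside the visible context. A one-line comment stating that the bound leaves room for the final `l<<=7L` before `tag=(int)l` would make the intent checkable, and the declaration of `l` should be confirmed to be at least as wide as int. The added `if (--max == 0) goto err;` after `tag=(int)l;` sits after the last `*(p++)` read, so it guards what follows the tag rather than that read itself. That read is covered by the loop's own `--max` check only when the loop body ran at least once, so please confirm that `max` is also validated above the hunk for the case where the loop is never entered.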
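Review bot: In the x509_vfy.c hunk at -490,7, the new `else` attaches `X509_verify(xs,pkey)` to a block whose condition is above the visible context, so the patch does not show on its own when the signature check is now skipped. With `else if`, a callback that returns nonzero from `ok=(*cb)(0,ctx);` lets processing continue past this point with no call to `X509_verify` for `xs`. Please state in a comment, or in the patch description, what that preceding condition is and why `pkey` must not reach `X509_verify` on that path, so that a permissive verify callback is understood to be accepting a certificate whose signature was never checked.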