Source-Changes-HG archive


[src/trunk]: src/crypto/dist/openssl/crypto Apply security fix: http://www.op...



details:   https://anonhg.NetBSD.org/src/rev/8f6f81a1499b
branches:  trunk
changeset: 552694:8f6f81a1499b
user:      christos <christos%NetBSD.org@localhost>
date:      Tue Sep 30 15:59:53 2003 +0000

description:
Apply security fix: http://www.openssl.org/news/secadv_20030930.txt
Changelog from: http://cvs.openssl.org/chngview?cn=11471

diffstat:

 crypto/dist/openssl/crypto/asn1/asn1_lib.c |  2 ++
 crypto/dist/openssl/crypto/asn1/tasn_dec.c |  9 ++++++++-
 crypto/dist/openssl/crypto/x509/x509_vfy.c |  2 +-
 3 files changed, 11 insertions(+), 2 deletions(-)

diffs (61 lines):

diff -r a5679c6232ae -r 8f6f81a1499b crypto/dist/openssl/crypto/asn1/asn1_lib.c
--- a/crypto/dist/openssl/crypto/asn1/asn1_lib.c        Tue Sep 30 15:00:18 2003 +0000
+++ b/crypto/dist/openssl/crypto/asn1/asn1_lib.c        Tue Sep 30 15:59:53 2003 +0000
@@ -104,10 +104,12 @@
                        l<<=7L;
                        l|= *(p++)&0x7f;
                        if (--max == 0) goto err;
+                       if (l > (INT_MAX >> 7L)) goto err;
                        }
                l<<=7L;
                l|= *(p++)&0x7f;
                tag=(int)l;
+               if (--max == 0) goto err;
                }
        else
                { 
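Review bot: The two new guards in the multi-byte tag loop carry no comment saying what they bound, and `INT_MAX` is used although the diffstat shows this commit adds only these two lines to the file, so it is worth confirming that `<limits.h>` is already reachable here. Above the `INT_MAX` test I would add `/* stop before the next 7-bit shift can exceed INT_MAX and be truncated by tag=(int)l */`. Beside the second `--max` test I would add `/* the tag must not use up the last available byte; presumably a length octet has to follow */`. The enclosing function starts and ends outside the hunk, so the declared type of `l` and the initial value of `max` are not visible and should be checked against these comments.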
diff -r a5679c6232ae -r 8f6f81a1499b crypto/dist/openssl/crypto/asn1/tasn_dec.c
--- a/crypto/dist/openssl/crypto/asn1/tasn_dec.c        Tue Sep 30 15:00:18 2003 +0000
+++ b/crypto/dist/openssl/crypto/asn1/tasn_dec.c        Tue Sep 30 15:59:53 2003 +0000
@@ -691,6 +691,7 @@
 
 int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
 {
+       ASN1_VALUE **opval = NULL;
        ASN1_STRING *stmp;
        ASN1_TYPE *typ = NULL;
        int ret = 0;
@@ -705,6 +706,7 @@
                        *pval = (ASN1_VALUE *)typ;
                } else typ = (ASN1_TYPE *)*pval;
                if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
+               opval = pval;
                pval = (ASN1_VALUE **)&typ->value.ptr;
        }
        switch(utype) {
@@ -796,7 +798,12 @@
 
        ret = 1;
        err:
-       if(!ret) ASN1_TYPE_free(typ);
+       if(!ret)
+               {
+               ASN1_TYPE_free(typ);
+               if (opval)
+                       *opval = NULL;
+               }
        return ret;
 }
 
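Review bot: The cleanup at `err:` now clears `*opval` after `ASN1_TYPE_free(typ)`, but nothing there says why, and the reason only becomes clear by reading it together with the `opval` declaration and the `opval = pval;` assignment in the two earlier hunks of this file. I would add inside the `if(!ret)` block `/* typ is still reachable through the caller's *opval; clear it so the caller cannot use or free it again */`. Because `typ` can come from the `else typ = (ASN1_TYPE *)*pval;` branch, the failure path frees an object the caller passed in, which deserves a sentence in the function's header comment as part of its contract. The middle of `asn1_ex_c2i` lies outside these hunks, so whether every `goto err` is reached with `typ` in a freeable state cannot be checked from here.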
diff -r a5679c6232ae -r 8f6f81a1499b crypto/dist/openssl/crypto/x509/x509_vfy.c
--- a/crypto/dist/openssl/crypto/x509/x509_vfy.c        Tue Sep 30 15:00:18 2003 +0000
+++ b/crypto/dist/openssl/crypto/x509/x509_vfy.c        Tue Sep 30 15:59:53 2003 +0000
@@ -674,7 +674,7 @@
                                ok=(*cb)(0,ctx);
                                if (!ok) goto end;
                                }
-                       if (X509_verify(xs,pkey) <= 0)
+                       else if (X509_verify(xs,pkey) <= 0)
                                /* XXX  For the final trusted self-signed cert,
                                 * this is a waste of time.  That check should
                                 * optional so that e.g. 'openssl x509' can be
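Review bot: With the new `else`, a verify callback that returns non-zero in the preceding error branch makes the code skip `X509_verify(xs,pkey)` for this certificate altogether, and nothing at that spot says so. The condition of that branch is outside the hunk, but it appears to be the path where the issuer public key could not be obtained, so skipping does avoid passing an unusable `pkey` to the verifier. I would document the consequence on the `else if` line with something like `/* reached only when a key was obtained; if the callback overrode the failure above, this certificate's signature is NOT checked */`. Applications that install a permissive callback should be aware that accepting that error means accepting an unverified signature.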


