[src/netbsd-1-6]: src/crypto/dist/openssl Apply patch (requested by itojun in...

[msaitoh <msaitoh%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/fa922a15522c
branches:  netbsd-1-6
changeset: 531001:fa922a15522c
user:      msaitoh <msaitoh%NetBSD.org@localhost>
date:      Fri Nov 07 04:57:12 2003 +0000

description:
Apply patch (requested by itojun in ticket #1557):
 Changes between 0.9.6k and 0.9.6l  [04 Nov 2003]
 *) Fix additional bug revealed by the NISCC test suite:
  Stop bug triggering large recursion when presented with
  certain ASN.1 tags (CAN-2003-0851)
  [Steve Henson]

diffstat:

 crypto/dist/openssl/crypto/asn1/a_bytes.c |  13 +++++++------
 crypto/dist/openssl/ssl/ssl_ciph.c        |   4 ++--
 2 files changed, 9 insertions(+), 8 deletions(-)

diffs (59 lines):

diff -r 264a382663ba -r fa922a15522c crypto/dist/openssl/crypto/asn1/a_bytes.c
--- a/crypto/dist/openssl/crypto/asn1/a_bytes.c Tue Oct 28 16:03:15 2003 +0000
+++ b/crypto/dist/openssl/crypto/asn1/a_bytes.c Fri Nov 07 04:57:12 2003 +0000
@@ -201,7 +201,10 @@
                c.pp=pp;
                c.p=p;
                c.inf=inf;
-               c.slen=len;
+               if (inf & 1)
+                       c.slen = length - (p - *pp);
+               else
+                       c.slen=len;
                c.tag=Ptag;
                c.xclass=Pclass;
                c.max=(length == 0)?0:(p+length);
@@ -279,8 +282,7 @@
                {
                if (c->inf & 1)
                        {
-                       c->eos=ASN1_check_infinite_end(&c->p,
-                               (long)(c->max-c->p));
+                       c->eos=ASN1_check_infinite_end(&c->p, c->slen);
                        if (c->eos) break;
                        }
                else
@@ -289,7 +291,7 @@
                        }
 
                c->q=c->p;
-               if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
+               if (d2i_ASN1_bytes(&os,&c->p,c->slen,c->tag,c->xclass)
                        == NULL)
                        {
                        c->error=ERR_R_ASN1_LIB;
@@ -302,8 +304,7 @@
                        goto err;
                        }
                memcpy(&(b.data[num]),os->data,os->length);
-               if (!(c->inf & 1))
-                       c->slen-=(c->p-c->q);
+               c->slen-=(c->p-c->q);
                num+=os->length;
                }
 
diff -r 264a382663ba -r fa922a15522c crypto/dist/openssl/ssl/ssl_ciph.c
--- a/crypto/dist/openssl/ssl/ssl_ciph.c        Tue Oct 28 16:03:15 2003 +0000
+++ b/crypto/dist/openssl/ssl/ssl_ciph.c        Fri Nov 07 04:57:12 2003 +0000
@@ -1069,9 +1069,9 @@
        if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
                {
                SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
-               return(0);
+               return(1);
                }
        else
-               return(1);
+               return(0);
        }