[src/trunk]: src/crypto/external/bsd/openssl/dist/crypto/asn1 apply upstream ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/crypto/external/bsd/openssl/dist/crypto/asn1 apply upstream ...
From: drochner <drochner%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 22:54:59 +0000

details:   https://anonhg.NetBSD.org/src/rev/04ef81830f55
branches:  trunk
changeset: 777663:04ef81830f55
user:      drochner <drochner%NetBSD.org@localhost>
date:      Tue Feb 28 17:23:58 2012 +0000

description:
apply upstream rev.22146: Tolerate bad MIME headers in parser.
avoids possible NULL dereference (CVE-2006-7248)

diffstat:

 crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c |  4 ++++
 1 files changed, 4 insertions(+), 0 deletions(-)

diffs (14 lines):

diff -r f8411474284d -r 04ef81830f55 crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c
--- a/crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c   Tue Feb 28 17:09:29 2012 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/asn1/asn_mime.c   Tue Feb 28 17:23:58 2012 +0000
@@ -858,6 +858,10 @@
 static int mime_hdr_cmp(const MIME_HEADER * const *a,
                        const MIME_HEADER * const *b)
 {
+       if ((*a)->name == NULL || (*b)->name == NULL)
+               return (*a)->name - (*b)->name < 0 ? -1 :
+                       (*a)->name - (*b)->name > 0 ? 1 : 0;
+
        return(strcmp((*a)->name, (*b)->name));
 }

Prev by Date: [src/trunk]: src Merge XZ 5.0.3.
Next by Date: [src/trunk]: src/sys/arch/x86/pci cosmetic, spelling, and grammar adjustments
Previous by Thread: [src/trunk]: src Merge XZ 5.0.3.
Next by Thread: [src/trunk]: src/sys/arch/x86/pci cosmetic, spelling, and grammar adjustments
Indexes:

Home | Main Index | Thread Index | Old Index