summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbeck <>2015-12-04 04:22:24 +0000
committerbeck <>2015-12-04 04:22:24 +0000
commit58485e4681efae946fc202175369e8b0c6da453e (patch)
tree5bcf371cb1b9906c74a597f992b47b77a70cbe46
parentfbf9cb7263a20b0e8930c503b529b4b9b296b0af (diff)
downloadopenbsd-58485e4681efae946fc202175369e8b0c6da453e.tar.gz
openbsd-58485e4681efae946fc202175369e8b0c6da453e.tar.bz2
openbsd-58485e4681efae946fc202175369e8b0c6da453e.zip
Fix for OpenSSL CVE-2015-3195libressl-v2.1.9
Diffstat
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_dec.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
index 7b8d55f015..c0b8198b1d 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tasn_dec.c,v 1.25.4.1 2015/03/19 14:01:15 tedu Exp $ */ 1/* $OpenBSD: tasn_dec.c,v 1.25.4.2 2015/12/04 04:22:24 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -166,6 +166,10 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
166 int otag; 166 int otag;
167 int ret = 0; 167 int ret = 0;
168 ASN1_VALUE **pchptr; 168 ASN1_VALUE **pchptr;
169 int combine;
170
171 combine = aclass & ASN1_TFLG_COMBINE;
172 aclass &= ~ASN1_TFLG_COMBINE;
169 173
170 if (!pval) 174 if (!pval)
171 return 0; 175 return 0;
@@ -445,7 +449,8 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
445auxerr: 449auxerr:
446 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); 450 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
447err: 451err:
448 ASN1_item_ex_free(pval, it); 452 if (combine == 0)
453 ASN1_item_ex_free(pval, it);
449 if (errtt) 454 if (errtt)
450 ERR_asprintf_error_data("Field=%s, Type=%s", errtt->field_name, 455 ERR_asprintf_error_data("Field=%s, Type=%s", errtt->field_name,
451 it->sname); 456 it->sname);
@@ -640,7 +645,7 @@ asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len,
640 } else { 645 } else {
641 /* Nothing special */ 646 /* Nothing special */
642 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), 647 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
643 -1, 0, opt, ctx); 648 -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
644 if (!ret) { 649 if (!ret) {
645 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 650 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
646 ERR_R_NESTED_ASN1_ERROR); 651 ERR_R_NESTED_ASN1_ERROR);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 21:45:06 +0000