diff options
| author | beck <> | 2015-12-04 04:22:24 +0000 |
|---|---|---|
| committer | beck <> | 2015-12-04 04:22:24 +0000 |
| commit | 9d74b492cb913dd2f6ff73e839389649c588d06f (patch) | |
| tree | 5bcf371cb1b9906c74a597f992b47b77a70cbe46 /src | |
| parent | 9ec6d4074b5f3899c59d4224b79f5138ea47ab78 (diff) | |
| download | openbsd-libressl-v2.1.9.tar.gz openbsd-libressl-v2.1.9.tar.bz2 openbsd-libressl-v2.1.9.zip | |
Fix for OpenSSL CVE-2015-3195libressl-v2.1.9
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/src/crypto/asn1/tasn_dec.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c index 7b8d55f015..c0b8198b1d 100644 --- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c +++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tasn_dec.c,v 1.25.4.1 2015/03/19 14:01:15 tedu Exp $ */ | 1 | /* $OpenBSD: tasn_dec.c,v 1.25.4.2 2015/12/04 04:22:24 beck Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2000. | 3 | * project 2000. |
| 4 | */ | 4 | */ |
| @@ -166,6 +166,10 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, | |||
| 166 | int otag; | 166 | int otag; |
| 167 | int ret = 0; | 167 | int ret = 0; |
| 168 | ASN1_VALUE **pchptr; | 168 | ASN1_VALUE **pchptr; |
| 169 | int combine; | ||
| 170 | |||
| 171 | combine = aclass & ASN1_TFLG_COMBINE; | ||
| 172 | aclass &= ~ASN1_TFLG_COMBINE; | ||
| 169 | 173 | ||
| 170 | if (!pval) | 174 | if (!pval) |
| 171 | return 0; | 175 | return 0; |
| @@ -445,7 +449,8 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, | |||
| 445 | auxerr: | 449 | auxerr: |
| 446 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); | 450 | ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); |
| 447 | err: | 451 | err: |
| 448 | ASN1_item_ex_free(pval, it); | 452 | if (combine == 0) |
| 453 | ASN1_item_ex_free(pval, it); | ||
| 449 | if (errtt) | 454 | if (errtt) |
| 450 | ERR_asprintf_error_data("Field=%s, Type=%s", errtt->field_name, | 455 | ERR_asprintf_error_data("Field=%s, Type=%s", errtt->field_name, |
| 451 | it->sname); | 456 | it->sname); |
| @@ -640,7 +645,7 @@ asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len, | |||
| 640 | } else { | 645 | } else { |
| 641 | /* Nothing special */ | 646 | /* Nothing special */ |
| 642 | ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), | 647 | ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), |
| 643 | -1, 0, opt, ctx); | 648 | -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx); |
| 644 | if (!ret) { | 649 | if (!ret) { |
| 645 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, | 650 | ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, |
| 646 | ERR_R_NESTED_ASN1_ERROR); | 651 | ERR_R_NESTED_ASN1_ERROR); |