From cdf17c7e9fb97156ce4c38fa1f02f1902ec9ab6c Mon Sep 17 00:00:00 2001
From: bluhm <>
Date: Fri, 6 Apr 2018 12:16:06 +0000
Subject: Revert revision 1.12 commit. Although *pval looks like a C pointer, it may be something else. For primitive types it is possible that a boolean int has been casted to an ASN1_VALUE pointer. Then the 64 bit read access to *pval may crash due to alignent or 32 bit size. bug report Anton Borowka; OK tedu@ jsing@ miod@
---
 src/lib/libcrypto/asn1/tasn_fre.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c
index 9276034808..c05310ec28 100644
--- a/src/lib/libcrypto/asn1/tasn_fre.c
+++ b/src/lib/libcrypto/asn1/tasn_fre.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_fre.c,v 1.15 2016/12/30 16:04:34 jsing Exp $ */
+/* $OpenBSD: tasn_fre.c,v 1.16 2018/04/06 12:16:06 bluhm Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -88,7 +88,10 @@ asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
 ASN1_aux_cb *asn1_cb = NULL;
 int i;
- if (pval == NULL || *pval == NULL)
+ if (pval == NULL)
+ return;
+ /* For primitive types *pval may be something other than C pointer. */
+ if (it->itype != ASN1_ITYPE_PRIMITIVE && *pval == NULL)
 return;
 if (aux != NULL && aux->asn1_cb != NULL)
-- 
cgit v1.2.3-55-g6feb
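Review bot: The comment added above the second test in the `@@ -88,7 +88,10 @@` hunk of asn1_item_combine_free() is too terse to stop a later cleanup from folding the two checks back into `pval == NULL || *pval == NULL`, which is exactly the change this commit reverts. I would spell the hazard out, e.g. `/* Do not read *pval for ASN1_ITYPE_PRIMITIVE: pval may point at a boolean int rather than an ASN1_VALUE *, so a pointer-sized load can be misaligned or wider than the field. */`. With the new condition a primitive item whose `*pval` is NULL no longer returns early, so the primitive free path, which lies outside this hunk, has to tolerate NULL on its own; that is worth confirming and covering with a regression test. The new test also dereferences `it` with no NULL check visible here; the function body starts and ends outside the hunk, so `it` may already be dereferenced in the declarations above.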