From e8e64fa6046f4de6e0afa0bcfaf08478e7afaafe Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Thu, 15 Oct 2015 02:23:06 +0000
Subject: pull up fixes for leak and overrun

---
 src/lib/libssl/src/crypto/objects/obj_dat.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c
index 15c298e333..2b695fea72 100644
--- a/src/lib/libssl/src/crypto/objects/obj_dat.c
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: obj_dat.c,v 1.31 2014/08/08 04:53:43 guenther Exp $ */
+/* $OpenBSD: obj_dat.c,v 1.31.2.1 2015/10/15 02:23:05 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -491,7 +491,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 {
 	int i, ret = 0, len, nid, first = 1, use_bn;
 	BIGNUM *bl = NULL;
-	char *bndec = NULL;
 	unsigned long l;
 	const unsigned char *p;
 
@@ -567,14 +566,16 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 		}
 
 		if (use_bn) {
+			char *bndec;
+
 			bndec = BN_bn2dec(bl);
 			if (!bndec)
 				goto err;
 			i = snprintf(buf, buf_len, ".%s", bndec);
+			free(bndec);
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
-				buf += buf_len;
 				buf_len = 0;
 			} else {
 				buf += i;
@@ -586,7 +587,6 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 			if (i == -1)
 				goto err;
 			if (i >= buf_len) {
-				buf += buf_len;
 				buf_len = 0;
 			} else {
 				buf += i;
@@ -598,13 +598,11 @@ OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
 	}
 
 out:
-	free(bndec);
 	BN_free(bl);
 	return ret;
 
 err:
 	ret = 0;
-	buf[0] = '\0';
 	goto out;
 }
 
-- 
cgit v1.2.3-55-g6feb