I've looked at the differences between the 0.9.5a and the official patches, and I
found that the following portion of the asn1_lib.c patch is not in the 0.9.5a one,
although the code is already in the 0.9.5a source code.

Do you have an explanation ?

Please cc me for any reply, i'm not subscribe to openssl-dev and i need a reply
quickly.

Thanks,
--
Mathieu Lafon - Arkoon Network Security



--- crypto/asn1/asn1_lib.c    2001/03/30 13:42:32  1.19.2.1
+++ crypto/asn1/asn1_lib.c    2002/07/30 09:14:17
@@ -124,15 +124,13 @@
          (int)(omax+ *pp));

 #endif
-#if 0
-    if ((p+ *plength) > (omax+ *pp))
+    if (*plength > (omax - (*pp - p)))
          {
          ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
          /* Set this so that even if things are not long enough
           * the values are set correctly */
          ret|=0x80;
          }
-#endif
     *pp=p;
     return(ret|inf);
 err:
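Review bot: The new bound in `if (*plength > (omax - (*pp - p)))` appears to have its pointer difference reversed. `*pp` is only set to `p` after this check (`*pp=p;`), so if `p` started at `*pp` and advanced over the tag and length octets (that part of the function is outside the hunk), `*pp - p` is zero or negative. The limit then becomes `omax` plus the header length rather than minus it, so a declared length can exceed the bytes actually remaining by up to the header size without `ASN1_R_TOO_LONG` being raised. The comparison should read `if (*plength > (omax - (p - *pp)))`.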
@@ -159,6 +157,8 @@
          i= *p&0x7f;
          if (*(p++) & 0x80)
               {
+              if (i > sizeof(long))
+                   return 0;
               if (max-- == 0) return(0);
               while (i-- > 0)
                    {
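Review bot: The guard `if (i > sizeof(long))` still admits `i == sizeof(long)`, so a length whose first octet has its high bit set reaches the sign bit of `ret`, and the change relies on the `if (ret < 0)` test in the following hunk to reject it. If `ret` is a signed `long` built up by left shifts (its declaration and the loop body are outside the hunk), shifting into the sign bit is undefined behaviour and the later test is not guaranteed to see a negative value. Accumulating in an `unsigned long` and rejecting with `if (ret > LONG_MAX) return 0;` before `*rl=ret;` would make the check well-defined. The comparison also mixes `i` with a `size_t`, which is harmless here only because `i` comes from `*p&0x7f`.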
@@ -170,6 +170,8 @@
          else
               ret=i;
          }
+    if (ret < 0)
+         return 0;
     *pp=p;
     *rl=ret;
     return(1);
