[Midnightbsd-cvs] src [6988] stable/0.5/crypto/openssl/crypto: Update to OpenSSL security patch to include CVE-2015-0209 and CVE-2015-0288

Fri Mar 20 08:22:48 EDT 2015

Revision: 6988
          http://svnweb.midnightbsd.org/src/?rev=6988
Author:   laffer1
Date:     2015-03-20 08:22:47 -0400 (Fri, 20 Mar 2015)
Log Message:
-----------
Update to OpenSSL security patch to include CVE-2015-0209 and CVE-2015-0288

Modified Paths:
--------------
    stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c
    stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c
    stable/0.5/crypto/openssl/crypto/x509/x509_req.c

Modified: stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c
===================================================================

--- stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c	2015-03-20 01:18:50 UTC (rev 6987)
+++ stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c	2015-03-20 12:22:47 UTC (rev 6988)
@@ -126,23 +126,16 @@
 
 ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
 		const unsigned char **in, long len, const ASN1_ITEM *it)
-{
+	{
 	ASN1_TLC c;
 	ASN1_VALUE *ptmpval = NULL;
+	if (!pval)
+		pval = &ptmpval;
 	c.valid = 0;
-	if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE)
-		ptmpval = *pval;
-
-	if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) {
-		if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) {
-			if (*pval)
-				ASN1_item_free(*pval, it);
-			*pval = ptmpval;
-		}
-		return ptmpval;
+	if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) 
+		return *pval;
+	return NULL;
 	}
-	return NULL;
-}
 
 int ASN1_template_d2i(ASN1_VALUE **pval,
 		const unsigned char **in, long len, const ASN1_TEMPLATE *tt)

Modified: stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c
===================================================================
--- stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c	2015-03-20 01:18:50 UTC (rev 6987)
+++ stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c	2015-03-20 12:22:47 UTC (rev 6988)
@@ -1126,8 +1126,6 @@
                                  ERR_R_MALLOC_FAILURE);
 			goto err;
 			}
-		if (a)
-			*a = ret;
 		}
 	else
 		ret = *a;
@@ -1192,11 +1190,13 @@
 			}
 		}
 
+	if (a)
+		*a = ret;
 	ok = 1;
 err:
 	if (!ok)
 		{
-		if (ret)
+		if (ret && (a == NULL || *a != ret))
 			EC_KEY_free(ret);
 		ret = NULL;
 		}

Modified: stable/0.5/crypto/openssl/crypto/x509/x509_req.c
===================================================================
--- stable/0.5/crypto/openssl/crypto/x509/x509_req.c	2015-03-20 01:18:50 UTC (rev 6987)
+++ stable/0.5/crypto/openssl/crypto/x509/x509_req.c	2015-03-20 12:22:47 UTC (rev 6988)
@@ -91,6 +91,8 @@
 		goto err;
 
 	pktmp = X509_get_pubkey(x);
+	if (pktmp == NULL)
+		goto err;
 	i=X509_REQ_set_pubkey(ret,pktmp);
 	EVP_PKEY_free(pktmp);
 	if (!i) goto err;

