[Midnightbsd-cvs] src [6988] stable/0.5/crypto/openssl/crypto: Update to OpenSSL security patch to include CVE-2015-0209 and CVE-2015-0288
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Fri Mar 20 08:22:48 EDT 2015
Revision: 6988
http://svnweb.midnightbsd.org/src/?rev=6988
Author: laffer1
Date: 2015-03-20 08:22:47 -0400 (Fri, 20 Mar 2015)
Log Message:
-----------
Update to OpenSSL security patch to include CVE-2015-0209 and CVE-2015-0288
Modified Paths:
--------------
stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c
stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c
stable/0.5/crypto/openssl/crypto/x509/x509_req.c
Modified: stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c
===================================================================
--- stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c 2015-03-20 01:18:50 UTC (rev 6987)
+++ stable/0.5/crypto/openssl/crypto/asn1/tasn_dec.c 2015-03-20 12:22:47 UTC (rev 6988)
@@ -126,23 +126,16 @@
ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len, const ASN1_ITEM *it)
-{
+ {
ASN1_TLC c;
ASN1_VALUE *ptmpval = NULL;
+ if (!pval)
+ pval = &ptmpval;
c.valid = 0;
- if (pval && *pval && it->itype == ASN1_ITYPE_PRIMITIVE)
- ptmpval = *pval;
-
- if (ASN1_item_ex_d2i(&ptmpval, in, len, it, -1, 0, 0, &c) > 0) {
- if (pval && it->itype != ASN1_ITYPE_PRIMITIVE) {
- if (*pval)
- ASN1_item_free(*pval, it);
- *pval = ptmpval;
- }
- return ptmpval;
+ if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
+ return *pval;
+ return NULL;
}
- return NULL;
-}
int ASN1_template_d2i(ASN1_VALUE **pval,
const unsigned char **in, long len, const ASN1_TEMPLATE *tt)
Modified: stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c
===================================================================
--- stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c 2015-03-20 01:18:50 UTC (rev 6987)
+++ stable/0.5/crypto/openssl/crypto/ec/ec_asn1.c 2015-03-20 12:22:47 UTC (rev 6988)
@@ -1126,8 +1126,6 @@
ERR_R_MALLOC_FAILURE);
goto err;
}
- if (a)
- *a = ret;
}
else
ret = *a;
@@ -1192,11 +1190,13 @@
}
}
+ if (a)
+ *a = ret;
ok = 1;
err:
if (!ok)
{
- if (ret)
+ if (ret && (a == NULL || *a != ret))
EC_KEY_free(ret);
ret = NULL;
}
Modified: stable/0.5/crypto/openssl/crypto/x509/x509_req.c
===================================================================
--- stable/0.5/crypto/openssl/crypto/x509/x509_req.c 2015-03-20 01:18:50 UTC (rev 6987)
+++ stable/0.5/crypto/openssl/crypto/x509/x509_req.c 2015-03-20 12:22:47 UTC (rev 6988)
@@ -91,6 +91,8 @@
goto err;
pktmp = X509_get_pubkey(x);
+ if (pktmp == NULL)
+ goto err;
i=X509_REQ_set_pubkey(ret,pktmp);
EVP_PKEY_free(pktmp);
if (!i) goto err;
More information about the Midnightbsd-cvs
mailing list