On Wed, Mar 17, 2004 at 03:30:54PM -0800, Jesse Keating wrote:
>
> Where do you see openssl-0.9.6b-recursion.patch? It's not in RHL9's
> openssl096b-0.9.6b-15.src.rpm.

In all these three "enterprise" packages which I listed in my first reply. Anyway, here it is in its whole glory:

CAN-2003-0851 Patch from Dr Stephen N Henson to fix deep recursion in OpenSSL 0.9.6 and an issue there where OpenSSL doesn't work out the remaining length for indefinite length constructed headers.

diff -ur -x CVS openssl6/crypto/asn1/a_bytes.c ossl6/crypto/asn1/a_bytes.c --- openssl6/crypto/asn1/a_bytes.c 2000-06-01 23:16:27.000000000 +0100 +++ ossl6/crypto/asn1/a_bytes.c 2003-10-09 12:33:28.000000000 +0100 @@ -201,7 +201,10 @@ c.pp=pp; c.p=p; c.inf=inf; - c.slen=len; + if (inf & 1) + c.slen = p - *pp; + else + c.slen=len; c.tag=Ptag; c.xclass=Pclass; c.max=(length == 0)?0:(p+length); @@ -289,7 +292,7 @@ } c->q=c->p; - if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass) + if (d2i_ASN1_bytes(&os,&c->p,c->slen,c->tag,c->xclass) == NULL) { c->error=ERR_R_ASN1_LIB;

The other patch just adds 'rr->length = 0;' assignment in s3_pkt.c.

Michal
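Review bot: in the first hunk of crypto/asn1/a_bytes.c (@@ -201,7 +201,10 @@), the indefinite-length branch sets c.slen = p - *pp, which is the number of bytes already consumed from the start of the input, not the number still available. The patch description says the fix is to work out the remaining length, and length is in scope here (it is used for c.max two lines further down), so please confirm whether this should read length - (p - *pp). As posted, the bound handed to the nested decoder would grow with the size of the header instead of shrinking with the data left. A short comment saying that bit 0 of inf marks the indefinite-length form would also help, and the spacing of the new assignment differs from the c.slen=len; line it sits next to.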
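Review bot: in the second hunk of crypto/asn1/a_bytes.c (@@ -289,7 +292,7 @@), the length argument to d2i_ASN1_bytes changes from c->max-c->p, which is recomputed from the current position on every call, to the stored field c->slen, and nothing in the visible lines reduces c->slen after c->p advances. If this call is reached more than once for the same context, each segment would be parsed against the same stale bound. Please confirm that c->slen is decremented by c->p - c->q after a successful call, or include that line in the hunk. The switch away from c->max itself looks reasonable given that the first hunk shows c.max can be 0 when length == 0, which makes c->max-c->p meaningless as a length.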