diff options
author | Richard Levitte <levitte@openssl.org> | 2003-10-02 14:55:25 +0400 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2003-10-02 14:55:25 +0400 |
commit | 95a64aa4b8a0bfbfa15a65fe325ee09ad3e033ee (patch) | |
tree | 5a539b459673c07e6010efb20f424e1e877d7560 /crypto | |
parent | 80be2f484f40c400df739fc8bd804247a2253ddf (diff) |
Recent changes from 0.9.7-stable
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/asn1/asn1_lib.c | 2 | ||||
-rw-r--r-- | crypto/asn1/tasn_dec.c | 9 | ||||
-rw-r--r-- | crypto/des/cfb_enc.c | 1 | ||||
-rw-r--r-- | crypto/opensslv.h | 4 | ||||
-rw-r--r-- | crypto/x509/x509_vfy.c | 2 |
5 files changed, 14 insertions, 4 deletions
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 0638870ab7..e30d5dd303 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -104,10 +104,12 @@ int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, l<<=7L; l|= *(p++)&0x7f; if (--max == 0) goto err; + if (l > (INT_MAX >> 7L)) goto err; } l<<=7L; l|= *(p++)&0x7f; tag=(int)l; + if (--max == 0) goto err; } else { diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index 76fc023230..2426cb6253 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -691,6 +691,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) { + ASN1_VALUE **opval = NULL; ASN1_STRING *stmp; ASN1_TYPE *typ = NULL; int ret = 0; @@ -705,6 +706,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *pval = (ASN1_VALUE *)typ; } else typ = (ASN1_TYPE *)*pval; if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); + opval = pval; pval = (ASN1_VALUE **)&typ->value.ptr; } switch(utype) { @@ -796,7 +798,12 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char ret = 1; err: - if(!ret) ASN1_TYPE_free(typ); + if(!ret) + { + ASN1_TYPE_free(typ); + if (opval) + *opval = NULL; + } return ret; } diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c index 2600bdfc93..1ea0490460 100644 --- a/crypto/des/cfb_enc.c +++ b/crypto/des/cfb_enc.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include "e_os.h" #include "des_locl.h" /* The input and output are loaded in multiples of 8 bits. diff --git a/crypto/opensslv.h b/crypto/opensslv.h index b5cc2016d0..102f114541 100644 --- a/crypto/opensslv.h +++ b/crypto/opensslv.h @@ -25,8 +25,8 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -#define OPENSSL_VERSION_NUMBER 0x00907030L -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7c-dev xx XXX 2003" +#define OPENSSL_VERSION_NUMBER 0x00907040L +#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.7d-dev [fips] xx XXX XXXX" #define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index f60054bd39..2bb21b443e 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -674,7 +674,7 @@ static int internal_verify(X509_STORE_CTX *ctx) ok=(*cb)(0,ctx); if (!ok) goto end; } - if (X509_verify(xs,pkey) <= 0) + else if (X509_verify(xs,pkey) <= 0) /* XXX For the final trusted self-signed cert, * this is a waste of time. That check should * optional so that e.g. 'openssl x509' can be |