File openssl-CVE-2015-0286.patch of Package compat-openssl098.24732

Overview Repositories Revisions Requests Users Attributes Meta

File openssl-CVE-2015-0286.patch of Package compat-openssl098.24732

commit 7058bd1712828a78d34457b1cfc32bdc1e6d3d33
Author: Dr. Stephen Henson <steve@openssl.org>
Date:   Mon Mar 9 23:11:45 2015 +0000

Fix ASN1_TYPE_cmp
    
    Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This
    can be triggered during certificate verification so could be a DoS attack
    against a client or a server enabling client authentication.
    
    CVE-2015-0286
    
    Reviewed-by: Richard Levitte <levitte@openssl.org>

Index: openssl-0.9.8j/crypto/asn1/a_type.c
===================================================================
--- openssl-0.9.8j.orig/crypto/asn1/a_type.c	2015-03-16 18:00:30.463475273 +0100
+++ openssl-0.9.8j/crypto/asn1/a_type.c	2015-03-16 18:02:48.279480346 +0100
@@ -121,6 +121,9 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, co
 	case V_ASN1_OBJECT:
 		result = OBJ_cmp(a->value.object, b->value.object);
 		break;
+	case V_ASN1_BOOLEAN:
+		result = a->value.boolean - b->value.boolean;
+		break;
 	case V_ASN1_NULL:
 		result = 0;	/* They do not have content. */
 		break;

Places

File openssl-CVE-2015-0286.patch of Package compat-openssl098.24732

Places