Fix ASN.1 parsing of certain invalid structures that can result

in a denial of service. (CVE-2006-2937) [Steve Henson]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
348be7ec · Mark J. Cox · 3ff55e96 · 348be7ec · 348be7ec
隐藏空白更改
内联并排

Showing with 4 addition and 0 deletion

CHANGES CHANGES +3 -0

crypto/asn1/tasn_dec.c crypto/asn1/tasn_dec.c +1 -0

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,9 @@

 Changes between 0.9.8d and 0.9.9  [xx XXX xxxx]

+  *) Fix ASN.1 parsing of certain invalid structures that can result
+     in a denial of service.  (CVE-2006-2937)  [Steve Henson]
+
  *) Fix buffer overflow in SSL_get_shared_ciphers() function.
     (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]


--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
@@ -832,6 +832,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
 		}
 	else if (ret == -1)
 		return -1;
+        ret = 0;
 	/* SEQUENCE, SET and "OTHER" are left in encoded form */
 	if ((utype == V_ASN1_SEQUENCE)
 		|| (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER))