/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2011-4109.patch
ViewVC logotype

Annotation of /rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2011-4109.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (hide annotations) (download)
Tue Feb 18 03:03:09 2014 UTC (10 years, 3 months ago) by wellsi
Branch: MAIN
CVS Tags: openssl-0_9_8e-28_el5_sme, openssl-0_9_8e-33_1_el5_sme, openssl-0_9_8e-32_1_el5_sme, openssl-0_9_8e-27_1_el5_sme, openssl-0_9_8e-27_el5_10_1, openssl-0_9_8e-31_1_el5_sme, HEAD
Branch point for: upstream 
Initial import
1 wellsi 1.1 diff -up openssl-fips-0.9.8e/CHANGES.doublefree openssl-fips-0.9.8e/CHANGES
2     diff -up openssl-fips-0.9.8e/crypto/x509v3/pcy_map.c.doublefree openssl-fips-0.9.8e/crypto/x509v3/pcy_map.c
3     --- openssl-fips-0.9.8e/crypto/x509v3/pcy_map.c.doublefree 2004-03-25 14:45:58.000000000 +0100
4     +++ openssl-fips-0.9.8e/crypto/x509v3/pcy_map.c 2012-01-16 10:37:18.480935735 +0100
5     @@ -70,8 +70,6 @@ static int ref_cmp(const X509_POLICY_REF
6    
7     static void policy_map_free(X509_POLICY_REF *map)
8     {
9     - if (map->subjectDomainPolicy)
10     - ASN1_OBJECT_free(map->subjectDomainPolicy);
11     OPENSSL_free(map);
12     }
13    
14     @@ -95,6 +93,7 @@ int policy_cache_set_mapping(X509 *x, PO
15     {
16     POLICY_MAPPING *map;
17     X509_POLICY_REF *ref = NULL;
18     + ASN1_OBJECT *subjectDomainPolicyRef;
19     X509_POLICY_DATA *data;
20     X509_POLICY_CACHE *cache = x->policy_cache;
21     int i;
22     @@ -153,13 +152,16 @@ int policy_cache_set_mapping(X509 *x, PO
23     if (!sk_ASN1_OBJECT_push(data->expected_policy_set,
24     map->subjectDomainPolicy))
25     goto bad_mapping;
26     + /* map->subjectDomainPolicy will be freed when
27     + * cache->data is freed. Set it to NULL to avoid double-free. */
28     + subjectDomainPolicyRef = map->subjectDomainPolicy;
29     + map->subjectDomainPolicy = NULL;
30    
31     ref = OPENSSL_malloc(sizeof(X509_POLICY_REF));
32     if (!ref)
33     goto bad_mapping;
34    
35     - ref->subjectDomainPolicy = map->subjectDomainPolicy;
36     - map->subjectDomainPolicy = NULL;
37     + ref->subjectDomainPolicy = subjectDomainPolicyRef;
38     ref->data = data;
39    
40     if (!sk_X509_POLICY_REF_push(cache->maps, ref))
41     diff -up openssl-fips-0.9.8e/crypto/x509v3/pcy_tree.c.doublefree openssl-fips-0.9.8e/crypto/x509v3/pcy_tree.c
42     --- openssl-fips-0.9.8e/crypto/x509v3/pcy_tree.c.doublefree 2006-11-27 14:36:54.000000000 +0100
43     +++ openssl-fips-0.9.8e/crypto/x509v3/pcy_tree.c 2012-01-16 10:37:18.481935777 +0100
44     @@ -610,6 +610,10 @@ int X509_policy_check(X509_POLICY_TREE *
45     case 2:
46     return 1;
47    
48     + /* Some internal error */
49     + case -1:
50     + return -1;
51     +
52     /* Some internal error */
53     case 0:
54     return 0;
55     @@ -689,4 +693,3 @@ int X509_policy_check(X509_POLICY_TREE *
56     return 0;
57    
58     }
59     -
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed