mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
Update from stable branch.
This commit is contained in:
parent
7ce8c95d58
commit
80b2ff978d
5
CHANGES
5
CHANGES
@ -751,6 +751,11 @@
|
|||||||
|
|
||||||
Changes between 0.9.8j and 0.9.8k [xx XXX xxxx]
|
Changes between 0.9.8j and 0.9.8k [xx XXX xxxx]
|
||||||
|
|
||||||
|
*) Fix bug where return value of CMS_SignerInfo_verify_content() was not
|
||||||
|
checked correctly. This would allow some invalid signed attributes to
|
||||||
|
appear to verify correctly. (CVE-2009-0591)
|
||||||
|
[Ivan Nestlerode <inestlerode@us.ibm.com>]
|
||||||
|
|
||||||
*) Reject UniversalString and BMPString types with invalid lengths. This
|
*) Reject UniversalString and BMPString types with invalid lengths. This
|
||||||
prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
|
prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
|
||||||
a legal length. (CVE-2009-0590)
|
a legal length. (CVE-2009-0590)
|
||||||
|
@ -199,6 +199,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
|
|||||||
{ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"},
|
{ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"},
|
||||||
{ERR_REASON(ASN1_R_BAD_PASSWORD_READ) ,"bad password read"},
|
{ERR_REASON(ASN1_R_BAD_PASSWORD_READ) ,"bad password read"},
|
||||||
{ERR_REASON(ASN1_R_BAD_TAG) ,"bad tag"},
|
{ERR_REASON(ASN1_R_BAD_TAG) ,"bad tag"},
|
||||||
|
{ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH),"bmpstring is wrong length"},
|
||||||
{ERR_REASON(ASN1_R_BN_LIB) ,"bn lib"},
|
{ERR_REASON(ASN1_R_BN_LIB) ,"bn lib"},
|
||||||
{ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
|
{ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH),"boolean is wrong length"},
|
||||||
{ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) ,"buffer too small"},
|
{ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) ,"buffer too small"},
|
||||||
@ -290,6 +291,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
|
|||||||
{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
|
{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
|
||||||
{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to decode rsa private key"},
|
{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY),"unable to decode rsa private key"},
|
||||||
{ERR_REASON(ASN1_R_UNEXPECTED_EOC) ,"unexpected eoc"},
|
{ERR_REASON(ASN1_R_UNEXPECTED_EOC) ,"unexpected eoc"},
|
||||||
|
{ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH),"universalstring is wrong length"},
|
||||||
{ERR_REASON(ASN1_R_UNKNOWN_FORMAT) ,"unknown format"},
|
{ERR_REASON(ASN1_R_UNKNOWN_FORMAT) ,"unknown format"},
|
||||||
{ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"},
|
{ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"},
|
||||||
{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"},
|
{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"},
|
||||||
|
@ -1016,6 +1016,18 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
|
|||||||
case V_ASN1_SET:
|
case V_ASN1_SET:
|
||||||
case V_ASN1_SEQUENCE:
|
case V_ASN1_SEQUENCE:
|
||||||
default:
|
default:
|
||||||
|
if (utype == V_ASN1_BMPSTRING && (len & 1))
|
||||||
|
{
|
||||||
|
ASN1err(ASN1_F_ASN1_EX_C2I,
|
||||||
|
ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
if (utype == V_ASN1_UNIVERSALSTRING && (len & 3))
|
||||||
|
{
|
||||||
|
ASN1err(ASN1_F_ASN1_EX_C2I,
|
||||||
|
ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
/* All based on ASN1_STRING and handled the same */
|
/* All based on ASN1_STRING and handled the same */
|
||||||
if (!*pval)
|
if (!*pval)
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user