Loading CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -751,6 +751,11 @@ Changes between 0.9.8j and 0.9.8k [xx XXX xxxx] *) Don't set val to NULL when freeing up structures, it is freed up by underlying code. If sizeof(void *) > sizeof(long) this can result in zeroing past the valid field. (CVE-2009-0789) [Paolo Ganci <Paolo.Ganci@AdNovum.CH>] *) Fix bug where return value of CMS_SignerInfo_verify_content() was not checked correctly. This would allow some invalid signed attributes to appear to verify correctly. (CVE-2009-0591) Loading crypto/asn1/tasn_dec.c +0 −2 Original line number Diff line number Diff line Loading @@ -613,7 +613,6 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, err: ASN1_template_free(val, tt); *val = NULL; return 0; } Loading Loading @@ -762,7 +761,6 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, err: ASN1_template_free(val, tt); *val = NULL; return 0; } Loading crypto/cms/cms_smime.c +1 −1 Original line number Diff line number Diff line Loading @@ -419,7 +419,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { si = sk_CMS_SignerInfo_value(sinfos, i); if (!CMS_SignerInfo_verify_content(si, cmsbio)) if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) { CMSerr(CMS_F_CMS_VERIFY, CMS_R_CONTENT_VERIFY_ERROR); Loading Loading
CHANGES +5 −0 Original line number Diff line number Diff line Loading @@ -751,6 +751,11 @@ Changes between 0.9.8j and 0.9.8k [xx XXX xxxx] *) Don't set val to NULL when freeing up structures, it is freed up by underlying code. If sizeof(void *) > sizeof(long) this can result in zeroing past the valid field. (CVE-2009-0789) [Paolo Ganci <Paolo.Ganci@AdNovum.CH>] *) Fix bug where return value of CMS_SignerInfo_verify_content() was not checked correctly. This would allow some invalid signed attributes to appear to verify correctly. (CVE-2009-0591) Loading
crypto/asn1/tasn_dec.c +0 −2 Original line number Diff line number Diff line Loading @@ -613,7 +613,6 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, err: ASN1_template_free(val, tt); *val = NULL; return 0; } Loading Loading @@ -762,7 +761,6 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, err: ASN1_template_free(val, tt); *val = NULL; return 0; } Loading
crypto/cms/cms_smime.c +1 −1 Original line number Diff line number Diff line Loading @@ -419,7 +419,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, for (i = 0; i < sk_CMS_SignerInfo_num(sinfos); i++) { si = sk_CMS_SignerInfo_value(sinfos, i); if (!CMS_SignerInfo_verify_content(si, cmsbio)) if (CMS_SignerInfo_verify_content(si, cmsbio) <= 0) { CMSerr(CMS_F_CMS_VERIFY, CMS_R_CONTENT_VERIFY_ERROR); Loading
