Loading CHANGES +6 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,12 @@ Changes between 0.9.6 and 0.9.6a [xx XXX 2001] *) Fix for asn1_GetSequence() for indefinite length constructed data. If SEQUENCE is length is indefinite just set c->slen to the total amount of data available. [Steve Henson, reported by shige@FreeBSD.org] [This change does not apply to 0.9.7.] *) Change bctest to avoid here-documents inside command substitution (workaround for FreeBSD /bin/sh bug). [Bodo Moeller] Loading apps/s_server.c +2 −3 Original line number Diff line number Diff line Loading @@ -1395,9 +1395,6 @@ static int www_body(char *hostname, int s, unsigned char *context) switch (dot) { case 0: dot = (e[0] == '/') ? 1 : 0; break; case 1: dot = (e[0] == '.') ? 2 : 0; break; Loading @@ -1408,6 +1405,8 @@ static int www_body(char *hostname, int s, unsigned char *context) dot = (e[0] == '/') ? -1 : 0; break; } if (dot == 0) dot = (e[0] == '/') ? 1 : 0; } dot = (dot == 3) || (dot == -1); /* filename contains ".." component */ Loading crypto/asn1/asn1_lib.c +1 −1 Original line number Diff line number Diff line Loading @@ -301,7 +301,7 @@ int asn1_GetSequence(ASN1_CTX *c, long *length) return(0); } if (c->inf == (1|V_ASN1_CONSTRUCTED)) c->slen= *length+ *(c->pp)-c->p; c->slen= *length; c->eos=0; return(1); } Loading Loading
CHANGES +6 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,12 @@ Changes between 0.9.6 and 0.9.6a [xx XXX 2001] *) Fix for asn1_GetSequence() for indefinite length constructed data. If SEQUENCE is length is indefinite just set c->slen to the total amount of data available. [Steve Henson, reported by shige@FreeBSD.org] [This change does not apply to 0.9.7.] *) Change bctest to avoid here-documents inside command substitution (workaround for FreeBSD /bin/sh bug). [Bodo Moeller] Loading
apps/s_server.c +2 −3 Original line number Diff line number Diff line Loading @@ -1395,9 +1395,6 @@ static int www_body(char *hostname, int s, unsigned char *context) switch (dot) { case 0: dot = (e[0] == '/') ? 1 : 0; break; case 1: dot = (e[0] == '.') ? 2 : 0; break; Loading @@ -1408,6 +1405,8 @@ static int www_body(char *hostname, int s, unsigned char *context) dot = (e[0] == '/') ? -1 : 0; break; } if (dot == 0) dot = (e[0] == '/') ? 1 : 0; } dot = (dot == 3) || (dot == -1); /* filename contains ".." component */ Loading
crypto/asn1/asn1_lib.c +1 −1 Original line number Diff line number Diff line Loading @@ -301,7 +301,7 @@ int asn1_GetSequence(ASN1_CTX *c, long *length) return(0); } if (c->inf == (1|V_ASN1_CONSTRUCTED)) c->slen= *length+ *(c->pp)-c->p; c->slen= *length; c->eos=0; return(1); } Loading
