diff options
Diffstat (limited to 'main/openssl/openssl-0.9.8l-CVE-2009-1387.patch')
-rw-r--r-- | main/openssl/openssl-0.9.8l-CVE-2009-1387.patch | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/main/openssl/openssl-0.9.8l-CVE-2009-1387.patch b/main/openssl/openssl-0.9.8l-CVE-2009-1387.patch new file mode 100644 index 000000000..c8ff15e50 --- /dev/null +++ b/main/openssl/openssl-0.9.8l-CVE-2009-1387.patch @@ -0,0 +1,59 @@ +http://bugs.gentoo.org/270305 + +fix from upstream + +Index: ssl/d1_both.c +=================================================================== +RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/d1_both.c,v +retrieving revision 1.4.2.7 +retrieving revision 1.4.2.8 +diff -u -p -r1.4.2.7 -r1.4.2.8 +--- a/ssl/d1_both.c 17 Oct 2007 21:17:49 -0000 1.4.2.7 ++++ b/ssl/d1_both.c 2 Apr 2009 22:12:13 -0000 1.4.2.8 +@@ -575,30 +575,31 @@ dtls1_process_out_of_seq_message(SSL *s, + } + } + +- frag = dtls1_hm_fragment_new(frag_len); +- if ( frag == NULL) +- goto err; ++ if (frag_len) ++ { ++ frag = dtls1_hm_fragment_new(frag_len); ++ if ( frag == NULL) ++ goto err; + +- memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr)); ++ memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr)); + +- if (frag_len) +- { +- /* read the body of the fragment (header has already been read */ ++ /* read the body of the fragment (header has already been read) */ + i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, + frag->fragment,frag_len,0); + if (i<=0 || (unsigned long)i!=frag_len) + goto err; +- } + +- pq_64bit_init(&seq64); +- pq_64bit_assign_word(&seq64, msg_hdr->seq); ++ pq_64bit_init(&seq64); ++ pq_64bit_assign_word(&seq64, msg_hdr->seq); + +- item = pitem_new(seq64, frag); +- pq_64bit_free(&seq64); +- if ( item == NULL) +- goto err; ++ item = pitem_new(seq64, frag); ++ pq_64bit_free(&seq64); ++ if ( item == NULL) ++ goto err; ++ ++ pqueue_insert(s->d1->buffered_messages, item); ++ } + +- pqueue_insert(s->d1->buffered_messages, item); + return DTLS1_HM_FRAGMENT_RETRY; + + err: |