Update from stable branch.

7ce8c95d · Dr. Stephen Henson · 38b6e6c0 · 7ce8c95d · 7ce8c95d
隐藏空白更改
内联并排

Showing with 7 addition and 0 deletion

CHANGES CHANGES +5 -0

crypto/asn1/asn1.h crypto/asn1/asn1.h +2 -0

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -751,6 +751,11 @@

 Changes between 0.9.8j and 0.9.8k  [xx XXX xxxx]

+  *) Reject UniversalString and BMPString types with invalid lengths. This
+     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+     a legal length. (CVE-2009-0590)
+     [Steve Henson]
+
  *) Set S/MIME signing as the default purpose rather than setting it 
     unconditionally. This allows applications to override it at the store
     level.

--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -1278,6 +1278,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_BAD_OBJECT_HEADER			 102
 #define ASN1_R_BAD_PASSWORD_READ			 103
 #define ASN1_R_BAD_TAG					 104
+#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH		 210
 #define ASN1_R_BN_LIB					 105
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH			 106
 #define ASN1_R_BUFFER_TOO_SMALL				 107
@@ -1369,6 +1370,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY			 157
 #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY		 158
 #define ASN1_R_UNEXPECTED_EOC				 159
+#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH		 211
 #define ASN1_R_UNKNOWN_FORMAT				 160
 #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM		 161
 #define ASN1_R_UNKNOWN_OBJECT_TYPE			 162