From dd090e688cf7987eff8906e3750cfbb1c285941c Mon Sep 17 00:00:00 2001
From: Ting Liu <b28495@freescale.com>
Date: Thu, 3 Jul 2014 02:32:04 -0500
Subject: openssl: downgrade to 1.0.1g

openssl released in fsl sdk v1.6 was based on 1.0.1g, so downgrade for fsl boards.
the imported recipes were based on daisy-11.0.0 which FSL SDK based on.

Signed-off-by: Ting Liu <b28495@freescale.com>
---
 ...NULL-pointer-dereference-in-dh_pub_encode.patch | 39 ++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch

(limited to 'meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch')

diff --git a/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
new file mode 100644
index 00000000..3e93fe4e
--- /dev/null
+++ b/meta-fsl-ppc/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
@@ -0,0 +1,39 @@
+openssl: avoid NULL pointer dereference in dh_pub_encode()/dsa_pub_encode()
+
+We should avoid accessing the pointer if ASN1_STRING_new()
+allocates memory failed.
+
+Upstream-Status: Submitted
+http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html
+
+Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
+---
+--- a/crypto/dh/dh_ameth.c
++++ b/crypto/dh/dh_ameth.c
+@@ -139,6 +139,12 @@
+ 	dh=pkey->pkey.dh;
+ 
+ 	str = ASN1_STRING_new();
++	if (!str)
++		{
++		DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
++		goto err;
++		}
++
+ 	str->length = i2d_DHparams(dh, &str->data);
+ 	if (str->length <= 0)
+ 		{
+--- a/crypto/dsa/dsa_ameth.c
++++ b/crypto/dsa/dsa_ameth.c
+@@ -148,6 +148,11 @@
+ 		{
+ 		ASN1_STRING *str;
+ 		str = ASN1_STRING_new();
++		if (!str)
++			{
++			DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE);
++			goto err;
++			}
+ 		str->length = i2d_DSAparams(dsa, &str->data);
+ 		if (str->length <= 0)
+ 			{
-- 
cgit v1.2.3-54-g00ecf