diff options
| author | Saul Wold <sgw@linux.intel.com> | 2015-03-04 09:46:48 -0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-03-10 10:47:46 +0000 |
| commit | f5e4349011bd00aa47d142022dcdd1d1706a9655 (patch) | |
| tree | 31b2c535de004b08968cfdb57ce085ca3b70eb83 /meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch | |
| parent | 7c504b44ef593f97f5311d0d27f667e85a2eddbb (diff) | |
| download | poky-f5e4349011bd00aa47d142022dcdd1d1706a9655.tar.gz | |
openssl: Upgrade to 1.0.2
Rebased numerous patches
removed aarch64 initial work since it's part of upstream now
Imported a few additional patches from Debian to support the version-script
and blacklist additional bad certificates.
(From OE-Core rev: 10b689033551c37d6cafa284d82bdccd43f6113e)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch')
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch | 41 |
1 files changed, 14 insertions, 27 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch index 3e93fe4e22..d7047bbaac 100644 --- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch +++ b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch | |||
| @@ -8,32 +8,19 @@ http://www.mail-archive.com/openssl-dev@openssl.org/msg32859.html | |||
| 8 | 8 | ||
| 9 | Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> | 9 | Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> |
| 10 | --- | 10 | --- |
| 11 | --- a/crypto/dh/dh_ameth.c | 11 | Index: openssl-1.0.2/crypto/dh/dh_ameth.c |
| 12 | +++ b/crypto/dh/dh_ameth.c | 12 | =================================================================== |
| 13 | @@ -139,6 +139,12 @@ | 13 | --- openssl-1.0.2.orig/crypto/dh/dh_ameth.c |
| 14 | dh=pkey->pkey.dh; | 14 | +++ openssl-1.0.2/crypto/dh/dh_ameth.c |
| 15 | @@ -161,6 +161,11 @@ static int dh_pub_encode(X509_PUBKEY *pk | ||
| 16 | dh = pkey->pkey.dh; | ||
| 15 | 17 | ||
| 16 | str = ASN1_STRING_new(); | 18 | str = ASN1_STRING_new(); |
| 17 | + if (!str) | 19 | + if (!str) { |
| 18 | + { | 20 | + DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE); |
| 19 | + DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE); | 21 | + goto err; |
| 20 | + goto err; | 22 | + } |
| 21 | + } | ||
| 22 | + | 23 | + |
| 23 | str->length = i2d_DHparams(dh, &str->data); | 24 | str->length = i2d_dhp(pkey, dh, &str->data); |
| 24 | if (str->length <= 0) | 25 | if (str->length <= 0) { |
| 25 | { | 26 | DHerr(DH_F_DH_PUB_ENCODE, ERR_R_MALLOC_FAILURE); |
| 26 | --- a/crypto/dsa/dsa_ameth.c | ||
| 27 | +++ b/crypto/dsa/dsa_ameth.c | ||
| 28 | @@ -148,6 +148,11 @@ | ||
| 29 | { | ||
| 30 | ASN1_STRING *str; | ||
| 31 | str = ASN1_STRING_new(); | ||
| 32 | + if (!str) | ||
| 33 | + { | ||
| 34 | + DSAerr(DSA_F_DSA_PUB_ENCODE, ERR_R_MALLOC_FAILURE); | ||
| 35 | + goto err; | ||
| 36 | + } | ||
| 37 | str->length = i2d_DSAparams(dsa, &str->data); | ||
| 38 | if (str->length <= 0) | ||
| 39 | { | ||