Update from stable branch.

diff --git a/CHANGES b/CHANGES
index 565645aab0f3a1478bd0addd7f20bf7a38251edd..024b05da11feea053eac524cc82fc417353f35cd 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -751,6 +751,11 @@
 
  Changes between 0.9.8j and 0.9.8k  [xx XXX xxxx]
 
+  *) Reject UniversalString and BMPString types with invalid lengths. This
+     prevents a crash in ASN1_STRING_print_ex() which assumes the strings have
+     a legal length. (CVE-2009-0590)
+     [Steve Henson]
+
   *) Set S/MIME signing as the default purpose rather than setting it 
      unconditionally. This allows applications to override it at the store
      level.

diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 2c0e05ba0f8310581722ca1fd0e8e8c5a6a6a307..6129d0a1cf50259c960e8225143254ab7eefda85 100644 (file)
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -1278,6 +1278,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_BAD_OBJECT_HEADER                        102
 #define ASN1_R_BAD_PASSWORD_READ                        103
 #define ASN1_R_BAD_TAG                                  104
+#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH                210
 #define ASN1_R_BN_LIB                                   105
 #define ASN1_R_BOOLEAN_IS_WRONG_LENGTH                  106
 #define ASN1_R_BUFFER_TOO_SMALL                                 107
@@ -1369,6 +1370,7 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_R_UNABLE_TO_DECODE_RSA_KEY                         157
 #define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY                 158
 #define ASN1_R_UNEXPECTED_EOC                           159
+#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH          211
 #define ASN1_R_UNKNOWN_FORMAT                           160
 #define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM                 161
 #define ASN1_R_UNKNOWN_OBJECT_TYPE                      162