Fix typo in OBJ_txt2obj which incorrectly passed the content

length, instead of the encoding length to d2i_ASN1_OBJECT.

This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.

diff --git a/CHANGES b/CHANGES
index 93881353ffda369aa3a367edea98428527623c90..ff13c43554a20621c6e52f1940cb9b7a9264aa58 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,7 +2,7 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.6g and 0.9.7  [XX xxx 2002]
+ Changes between 0.9.6h and 0.9.7  [XX xxx 2002]
 
   *) Make sure tests can be performed even if the corresponding algorithms
      have been removed entirely.  This was also the last step to make
@@ -1667,6 +1667,12 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Clean old EAY MD5 hack from e_os.h.
      [Richard Levitte]
 
+ Changes between 0.9.6g and 0.9.6h  [xx XXX xxxx]
+
+  *) Fix typo in OBJ_txt2obj which incorrectly passed the content
+     length, instead of the encoding length to d2i_ASN1_OBJECT.
+     [Steve Henson]
+
  Changes between 0.9.6f and 0.9.6g  [9 Aug 2002]
 
   *) [In 0.9.6g-engine release:]

diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
index 02c3719f04e6009903e6628b298e6db9265e6d77..ce779dc1b5beb143bf300e552ed0767078060bf3 100644 (file)
--- a/crypto/objects/obj_dat.c
+++ b/crypto/objects/obj_dat.c
@@ -425,7 +425,7 @@ ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name)
        a2d_ASN1_OBJECT(p,i,s,-1);
        
        p=buf;
-       op=d2i_ASN1_OBJECT(NULL,&p,i);
+       op=d2i_ASN1_OBJECT(NULL,&p,j);
        OPENSSL_free(buf);
        return op;
        }