From: Mark J. Cox Date: Thu, 28 Sep 2006 13:20:44 +0000 (+0000) Subject: Fix ASN.1 parsing of certain invalid structures that can result X-Git-Tag: OpenSSL_0_9_8k^2~1121 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=348be7ec60f7cce7503ba759a1a5a7591a648f1f;p=oweals%2Fopenssl.git Fix ASN.1 parsing of certain invalid structures that can result in a denial of service. (CVE-2006-2937) [Steve Henson] --- diff --git a/CHANGES b/CHANGES index 11988efbf9..6b26b19b1b 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,9 @@ Changes between 0.9.8d and 0.9.9 [xx XXX xxxx] + *) Fix ASN.1 parsing of certain invalid structures that can result + in a denial of service. (CVE-2006-2937) [Steve Henson] + *) Fix buffer overflow in SSL_get_shared_ciphers() function. (CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team] diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c index fe1bfd0a90..c32510ffda 100644 --- a/crypto/asn1/tasn_dec.c +++ b/crypto/asn1/tasn_dec.c @@ -832,6 +832,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, } else if (ret == -1) return -1; + ret = 0; /* SEQUENCE, SET and "OTHER" are left in encoded form */ if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER))