From: Dr. Stephen Henson <steve@openssl.org>
Date: Mon, 12 Feb 2001 03:04:59 +0000 (+0000)
Subject: Workaround for libsafe "error".
X-Git-Tag: OpenSSL_0_9_6a-beta1~44
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=c6b523d3dd259101a2aaea81c01aa0f96981a05b;hp=1e376e41a25f122660fbe1b68bfeb30831104d7b;p=oweals%2Fopenssl.git

Workaround for libsafe "error".
---

diff --git a/CHANGES b/CHANGES
index 5f3556cc7f..3030c8cf87 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,11 @@
 
  Changes between 0.9.6 and 0.9.6a  [xx XXX 2001]
 
+  *) Use the cached encoding of an X509_NAME structure rather than
+     copying it. This is apparently the reason for the libsafe "errors"
+     but the code is actually correct.
+     [Steve Henson]
+
   *) Add new function BN_rand_range(), and fix DSA_sign_setup() to prevent
      Bleichenbacher's DSA attack.
      [Ulf Moeller]
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index b147d573d2..3f9f9b3d47 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -199,19 +199,13 @@ unsigned long X509_NAME_hash(X509_NAME *x)
 	{
 	unsigned long ret=0;
 	unsigned char md[16];
-	unsigned char str[256],*p,*pp;
-	int i;
-
-	i=i2d_X509_NAME(x,NULL);
-	if (i > sizeof(str))
-		p=OPENSSL_malloc(i);
-	else
-		p=str;
 
-	pp=p;
-	i2d_X509_NAME(x,&pp);
-	MD5((unsigned char *)p,i,&(md[0]));
-	if (p != str) OPENSSL_free(p);
+	/* Ensure cached version is up to date */
+	i2d_X509_NAME(x,NULL);
+	/* Use cached encoding directly rather than copying: this should
+	 * keep libsafe happy.
+	 */
+	MD5((unsigned char *)x->bytes->data,x->bytes->length,&(md[0]));
 
 	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
 		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)