LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File openssl-0.9.7-CVE-2006-2940-fixup.patch of Package compat-openssl097g (Project openSUSE:11.4)

Fix for the CVE-2006-2940 fix

The newly introduced limit on DH modulus size could lead to a crash when
exerted.
This was fixed after the 0.9.8d release in the OpenSSL CVS:
http://cvs.openssl.org/chngview?cn=15607

--- crypto/dh/dh_key.c	2004-06-19 15:15:34.000000000 +0200
+++ crypto/dh/dh_key.c	2006-10-04 14:02:04.000000000 +0200
@@ -159,7 +159,7 @@
 
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 	{
-	BN_CTX *ctx;
+	BN_CTX *ctx=NULL;
 	BN_MONT_CTX *mont;
 	BIGNUM *tmp;
 	int ret= -1;