File openssl-CVE-2015-0292.patch of Package compat-openssl098.16428
commit 9febee02720902c195fe929ecfe06362c551422c
Author: Geoff Thorpe <geoff@openssl.org>
Date: Sun May 4 18:44:14 2014 -0400

evp: prevent underflow in base64 decoding

This patch resolves RT ticket #2608.
Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
Index: openssl-0.9.8j/crypto/evp/encode.c
===================================================================
--- openssl-0.9.8j.orig/crypto/evp/encode.c 2005-06-21 00:11:28.000000000 +0200
+++ openssl-0.9.8j/crypto/evp/encode.c 2015-03-16 18:40:04.740807812 +0100
@@ -325,6 +325,7 @@ int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx
v=EVP_DecodeBlock(out,d,n);
n=0;
if (v < 0) { rv=0; goto end; }
+ if (eof > v) { rv=-1; goto end; }
ret+=(v-eof);
}
else
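Review bot: The added check `if (eof > v) { rv=-1; goto end; }` exits with rv=-1, while the line directly above it handles `v < 0` with rv=0, so two adjacent failure exits in EVP_DecodeUpdate hand callers different return values. If the difference is intended, a short comment on the new line should say why; if not, the two paths should agree. The new line also deserves a comment stating that it keeps `v-eof` from going negative before it is added to `ret` on the following line, since the commit message is currently the only place the underflow is explained. The patch touches only encode.c, so a regression test that feeds the decoder an input where eof exceeds v would be a useful addition.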