File CVE-2012-2131.patch of Package compat-openssl098.1339
Index: openssl-0.9.8j/crypto/buffer/buffer.c
===================================================================
--- openssl-0.9.8j.orig/crypto/buffer/buffer.c
+++ openssl-0.9.8j/crypto/buffer/buffer.c
@@ -99,6 +99,12 @@ int BUF_MEM_grow(BUF_MEM *str, int len)
char *ret;
unsigned int n;
+ if (len < 0)
+ {
+ BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
if (str->length >= len)
{
str->length=len;
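Review bot: The new `len < 0` guard in BUF_MEM_grow reports ERR_R_MALLOC_FAILURE, so a rejected negative length looks the same in the error queue as real memory exhaustion, and nothing in the code says why the check is there. Without the guard, a negative `len` would satisfy the `str->length >= len` test just below and be stored by `str->length=len` (assuming `length` is a signed int, which this hunk does not show). I would add a comment above the guard, such as `/* len is signed: reject negative values before the comparison below can store one as str->length */`, and note there if the reason code is kept deliberately. The same applies to the identical guard added to BUF_MEM_grow_clean in the second hunk. The function body continues past the end of this hunk, so whether large positive `len` values are bounded further down cannot be checked from here.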
@@ -140,6 +146,11 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int
{
char *ret;
unsigned int n;
+ if (len < 0)
+ {
+ BUFerr(BUF_F_BUF_MEM_GROW_CLEAN,ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
if (str->length >= len)
{