File openssl-engine-0.9.6j-asn1.dif of Package compat-openssl096g

diff -uNr openssl-engine-0.9.6j.orig/crypto/asn1/asn1_lib.c openssl-engine-0.9.6j/crypto/asn1/asn1_lib.c
--- openssl-engine-0.9.6j.orig/crypto/asn1/asn1_lib.c	2002-08-08 22:11:25.000000000 +0200
+++ openssl-engine-0.9.6j/crypto/asn1/asn1_lib.c	2003-09-30 16:01:02.000000000 +0200
@@ -104,10 +104,12 @@
 			l<<=7L;
 			l|= *(p++)&0x7f;
 			if (--max == 0) goto err;
+			if (l > (INT_MAX >> 7L)) goto err;
 			}
 		l<<=7L;
 		l|= *(p++)&0x7f;
 		tag=(int)l;
+		if (--max == 0) goto err;
 		}
 	else
 		{ 
diff -uNr openssl-engine-0.9.6j.orig/crypto/x509/x509_vfy.c openssl-engine-0.9.6j/crypto/x509/x509_vfy.c
--- openssl-engine-0.9.6j.orig/crypto/x509/x509_vfy.c	2002-12-28 03:01:41.000000000 +0100
+++ openssl-engine-0.9.6j/crypto/x509/x509_vfy.c	2003-09-30 16:01:48.000000000 +0200
@@ -490,7 +490,7 @@
 				ok=(*cb)(0,ctx);
 				if (!ok) goto end;
 				}
-			if (X509_verify(xs,pkey) <= 0)
+			else if (X509_verify(xs,pkey) <= 0)
 				{
 				ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
 				ctx->current_cert=xs;