diff options
Diffstat (limited to 'openssl0.9.8/patches/CVE-2012-2131.patch')
| -rw-r--r-- | openssl0.9.8/patches/CVE-2012-2131.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/openssl0.9.8/patches/CVE-2012-2131.patch b/openssl0.9.8/patches/CVE-2012-2131.patch new file mode 100644 index 0000000..565467c --- /dev/null +++ b/openssl0.9.8/patches/CVE-2012-2131.patch @@ -0,0 +1,28 @@ +Index: openssl-0.9.8o/crypto/buffer/buffer.c +=================================================================== +--- openssl-0.9.8o.orig/crypto/buffer/buffer.c ++++ openssl-0.9.8o/crypto/buffer/buffer.c +@@ -99,6 +99,11 @@ int BUF_MEM_grow(BUF_MEM *str, int len) + char *ret; + unsigned int n; + ++ if (len < 0) ++ { ++ BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); ++ return 0; ++ } + if (str->length >= len) + { + str->length=len; +@@ -141,6 +146,11 @@ int BUF_MEM_grow_clean(BUF_MEM *str, int + char *ret; + unsigned int n; + ++ if (len < 0) ++ { ++ BUFerr(BUF_F_BUF_MEM_GROW_CLEAN,ERR_R_MALLOC_FAILURE); ++ return 0; ++ } + if (str->length >= len) + { + memset(&str->data[len],0,str->length-len); |