[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Dr. Stephen Henson steve at openssl.org
Wed Aug 3 01:39:38 UTC 2016


The branch OpenSSL_1_0_1-stable has been updated
       via  5db2a579b72b94aa0dacb08530768a1a5759237d (commit)
      from  c648bdcc4cd8a7d1699081d339ff33deda69a3be (commit)


- Log -----------------------------------------------------------------
commit 5db2a579b72b94aa0dacb08530768a1a5759237d
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Tue Aug 2 23:53:41 2016 +0100

    Calculate sequence length properly.
    
    Use correct length in old ASN.1 indefinite length sequence decoder
    (only used by SSL_SESSION).
    
    This bug was discovered by Hanno Böck using libfuzzer.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (cherry picked from commit 436dead2e2a157fa501a7538a77b6078391b477f)

-----------------------------------------------------------------------

Summary of changes:
 crypto/asn1/asn1_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 8752654..80f5f2b 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -328,7 +328,7 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
         return (0);
     }
     if (c->inf == (1 | V_ASN1_CONSTRUCTED))
-        c->slen = *length + *(c->pp) - c->p;
+        c->slen = *length;
     c->eos = 0;
     return (1);
 }


More information about the openssl-commits mailing list