Contents of /trunk/openssl/patches/openssl-0.9.8e-CVE-2007-5135.patch
Parent Directory
| 
Revision Log
Revision 367 -
(show annotations)
(download)
Sat Oct 6 09:33:27 2007 UTC (16 years, 7 months ago) by niro
File size: 1171 byte(s)
Sat Oct 6 09:33:27 2007 UTC (16 years, 7 months ago) by niro
File size: 1171 byte(s)
-security updates
| 1 | http://bugs.gentoo.org/194039 |
| 2 | |
| 3 | Index: ssl/ssl_lib.c |
| 4 | =================================================================== |
| 5 | RCS file: /usr/local/src/openssl/CVSROOT/openssl/ssl/ssl_lib.c,v |
| 6 | retrieving revision 1.133.2.9 |
| 7 | retrieving revision 1.133.2.10 |
| 8 | diff -u -p -r1.133.2.9 -r1.133.2.10 |
| 9 | --- ssl/ssl_lib.c 12 Aug 2007 18:59:02 -0000 1.133.2.9 |
| 10 | +++ ssl/ssl_lib.c 19 Sep 2007 12:16:21 -0000 1.133.2.10 |
| 11 | @@ -1210,7 +1210,6 @@ int SSL_set_cipher_list(SSL *s,const cha |
| 12 | char *SSL_get_shared_ciphers(const SSL *s,char *buf,int len) |
| 13 | { |
| 14 | char *p; |
| 15 | - const char *cp; |
| 16 | STACK_OF(SSL_CIPHER) *sk; |
| 17 | SSL_CIPHER *c; |
| 18 | int i; |
| 19 | @@ -1223,20 +1222,21 @@ char *SSL_get_shared_ciphers(const SSL * |
| 20 | sk=s->session->ciphers; |
| 21 | for (i=0; i<sk_SSL_CIPHER_num(sk); i++) |
| 22 | { |
| 23 | - /* Decrement for either the ':' or a '\0' */ |
| 24 | - len--; |
| 25 | + int n; |
| 26 | + |
| 27 | c=sk_SSL_CIPHER_value(sk,i); |
| 28 | - for (cp=c->name; *cp; ) |
| 29 | + n=strlen(c->name); |
| 30 | + if (n+1 > len) |
| 31 | { |
| 32 | - if (len-- <= 0) |
| 33 | - { |
| 34 | - *p='\0'; |
| 35 | - return(buf); |
| 36 | - } |
| 37 | - else |
| 38 | - *(p++)= *(cp++); |
| 39 | + if (p != buf) |
| 40 | + --p; |
| 41 | + *p='\0'; |
| 42 | + return buf; |
| 43 | } |
| 44 | + strcpy(p,c->name); |
| 45 | + p+=n; |
| 46 | *(p++)=':'; |
| 47 | + len-=n+1; |
| 48 | } |
| 49 | p[-1]='\0'; |
| 50 | return(buf); |