summaryrefslogtreecommitdiffstats
path: root/patches/source/gnutls/gnutls-2.10.5_CVE-2014-3468.diff
diff options
context:
space:
mode:
Diffstat (limited to 'patches/source/gnutls/gnutls-2.10.5_CVE-2014-3468.diff')
-rw-r--r--patches/source/gnutls/gnutls-2.10.5_CVE-2014-3468.diff45
1 files changed, 45 insertions, 0 deletions
diff --git a/patches/source/gnutls/gnutls-2.10.5_CVE-2014-3468.diff b/patches/source/gnutls/gnutls-2.10.5_CVE-2014-3468.diff
new file mode 100644
index 000000000..bb4026948
--- /dev/null
+++ b/patches/source/gnutls/gnutls-2.10.5_CVE-2014-3468.diff
@@ -0,0 +1,45 @@
+From 281855ad29bfe57c8ceeed42745e56e5d4106dcd Mon Sep 17 00:00:00 2001
+From: mancha <mancha1@zoho.com>
+Date: Mon, 2 Jun 2014
+Subject: CVE-2014-3468
+
+This is a backport adaptation for use with GnuTLS 2.10.5.
+
+Relevant upstream commit(s):
+-------------------------
+http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=1c3ccb3e040bf1
+
+---
+ lib/minitasn1/decoding.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+--- a/lib/minitasn1/decoding.c
++++ b/lib/minitasn1/decoding.c
+@@ -209,7 +209,7 @@ asn1_get_octet_der (const unsigned char
+ int *ret_len, unsigned char *str, int str_size,
+ int *str_len)
+ {
+- int len_len;
++ int len_len = 0;
+
+ if (der_len <= 0)
+ return ASN1_GENERIC_ERROR;
+@@ -330,7 +330,7 @@ asn1_get_bit_der (const unsigned char *d
+ int *ret_len, unsigned char *str, int str_size,
+ int *bit_len)
+ {
+- int len_len, len_byte;
++ int len_len = 0, len_byte;
+
+ if (der_len <= 0)
+ return ASN1_GENERIC_ERROR;
+@@ -341,6 +341,9 @@ asn1_get_bit_der (const unsigned char *d
+ *ret_len = len_byte + len_len + 1;
+ *bit_len = len_byte * 8 - der[len_len];
+
++ if (*bit_len <= 0)
++ return ASN1_DER_ERROR;
++
+ if (str_size >= len_byte)
+ memcpy (str, der + len_len + 1, len_byte);
+ else