546bf977b5
- fix CVE-2015-1789 - out-of-bounds read in X509_cmp_time - fix CVE-2015-1790 - PKCS7 crash with missing EncryptedContent - fix CVE-2015-1791 - race condition handling NewSessionTicket - fix CVE-2015-1792 - CMS verify infinite loop with unknown hash function - add missing parts of CVE-2015-0209 fix for corectness although unexploitable
13 lines
446 B
Diff
13 lines
446 B
Diff
diff -up openssl-1.0.1e/crypto/cms/cms_smime.c.unknown-hash openssl-1.0.1e/crypto/cms/cms_smime.c
|
|
--- openssl-1.0.1e/crypto/cms/cms_smime.c.unknown-hash 2013-02-11 16:26:04.000000000 +0100
|
|
+++ openssl-1.0.1e/crypto/cms/cms_smime.c 2015-06-09 16:07:16.001516190 +0200
|
|
@@ -141,7 +141,7 @@ static void do_free_upto(BIO *f, BIO *up
|
|
BIO_free(f);
|
|
f = tbio;
|
|
}
|
|
- while (f != upto);
|
|
+ while (f && f != upto);
|
|
}
|
|
else
|
|
BIO_free_all(f);
|