author Dr. Stephen Henson <steve@openssl.org> 2002-08-02 18:48:55 +0000
committer Dr. Stephen Henson <steve@openssl.org> 2002-08-02 18:48:55 +0000
commit f90822689891ca5150f71f8f0502d1877f10faa4 (patch)
tree ca850f6429f1d57bd1ff11ce3d435352922081b9 /CHANGES
parent 909abce8002bf6babc42b8196c812f738d8cd0d6 (diff)
download openssl-f90822689891ca5150f71f8f0502d1877f10faa4.tar.gz
Fix the ASN1 sanity check: correct header length
calculation and check overflow against LONG_MAX.
Diffstat (limited to 'CHANGES')
-rw-r--r-- CHANGES 6
1 files changed, 6 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 2908d32432..231986b27b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1895,6 +1895,12 @@ des-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k
Changes between 0.9.6e and 0.9.6f [XX xxx XXXX]
+ *) Fix ASN1 checks. Check for overflow by comparing with LONG_MAX
+ and get fix the header length calculation.
+ [Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>,
+ Alon Kantor <alonk@checkpoint.com> (and others),
+ Steve Henson]
+
*) Use proper error handling instead of 'assertions' in buffer
overflow checks added in 0.9.6e. This prevents DoS (the
assertions could call abort()).
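Review bot: The second added line of the new entry reads "and get fix the header length calculation"; the stray "get" should be dropped so it reads "and fix the header length calculation". The entry also says only "Fix ASN1 checks" without stating what the previous check got wrong or what a user is exposed to, whereas the neighbouring entry below spells out its consequence ("This prevents DoS (the assertions could call abort())"). Since the commit message describes this as a fix to the ASN1 sanity check, with a corrected header length calculation and an overflow comparison against LONG_MAX, a short clause on the effect of the old behaviour would let readers of CHANGES judge whether they need to move off 0.9.6e.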